-
Shopper Approved
October 9, 2018
•
[ hack, malware, retail ]
Shopper Approved is the latest victim of the Magecart gang. The incident took place on September 15.
-
City of Lake Worth Utilities
October 9, 2018
•
[ financial, malware, government ]
Customers of the City of Lake Worth Utilities who utilized the online option to pay their bill, between August 28 and October 9, may have experienced a possible breach of their credit card information.
-
Cork City Council
October 9, 2018
•
[ hack, government ]
5,000 people's personal information, who used a parking app, collected by Cork City Council, is illegally accessed by a hacker.
-
Rebound Orthopedics & Neurosurgery
October 9, 2018
•
[ hack, healthcare ]
Rebound Orthopedics & Neurosurgery reports a data breach occurred back in May, when an employee's email account was improperly accessed. 2,800 employees and patients may have been compromised.
-
Cancer Research UK
October 7, 2018
•
[ hack, malware, healthcare ]
The Magecart gang hit the Cancer Research UK back in 2016 with the same modus operandi.
-
Madison County Government Services
October 7, 2018
•
[ ransomware, malware, government ]
A ransomware attack hits Madison County Government services.
-
-
Wife Lovers
October 7, 2018
In October 2018, the site dedicated to posting naked photos and other erotica of wives Wife Lovers suffered a data breach. The underlying database supported a total of 8 different adult websites and contained over 1.2M unique email addresses. Wife Lovers acknowledged the breach which impacted names, usernames, email and IP addresses and passwords hashed using the weak DEScrypt algorithm. The breach has been marked as "sensitive" due to the nature of the site.
-
Anne Arundel County Public Library
October 6, 2018
•
[ hack, malware, education ]
Anne Arundel County Public Library officials announce that nearly 600 staff and public library computers have been hit by the Emotet virus. 4,768 customers who used public computers since September 17 are also notified.
-
SpankChain
October 6, 2018
•
[ financial, misconfiguration, finance ]
SpankChain, an adult industry focused cryptocurrency, has $38,000 worth of Ethereum stolen due to a smart contract bug.
-
Assassin's Creed Odyssey
October 5, 2018
•
[ hack, ddos, technology ]
Ubisoft's Assassin's Creed Odyssey's launch is disrupted by a DDoS attack on the day of its release.
-
North American Risk Services
October 5, 2018
North American Risk Services, suffers a data breach between February 7 and March 27, when the company notices suspicious emails being sent from one of their employee's accounts.
-
City of St. Petersburg
October 5, 2018
The City of St. Petersburg notifies a data breach of the third-party Click2Gov self-service payment which affected users who made payments between August 11, 2018, and September 25, 2018, using their credit cards.
-
Hetzner South Africa
October 5, 2018
•
[ hack, technology ]
The South African branch of Hetzner, a well-known web hosting provider, suffers a new security breach. The attacker manages to gain access to customer details.
-
National Ambulatory Hernia Institute
October 5, 2018
•
[ ransomware, malware, healthcare ]
National Ambulatory Hernia Institute notifies almost 16,000 patients of Gamma ransomware attack
-
You've Been Scraped
October 5, 2018
•
[ leak, misconfiguration, technology ]
In October and November 2018, security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator. Containing a total of over 66M records, the owner of the data couldn't be identified but it is believed to have been scraped from LinkedIn hence the title "You've Been Scraped". The exposed records included names, both work and personal email addresses, job titles and links to the individuals' LinkedIn profiles.
-
Canadian Centre for Ethics in Sport
October 4, 2018
A threat actor compromised the Canadian Centre for Ethics in Sport. Seven of the individuals alleged to be behind this incident, believed to be Russian military intelligence (known as GRU), were indictedby the U.S. Justice Department. Canada issued a statement attributing the incident to Russian military intelligence.
-
Square Enix
October 4, 2018
•
[ hack, ddos, technology ]
The same day Square Enix also announces to be fighting off a DDoS attack aimed towards its popular game, Final Fantasy XIV.
-
Tillamook Chiropractic Clinic
October 4, 2018
•
[ hack, malware, healthcare ]
Tillamook Chiropractic Clinic reveals that on May 2016, malware was installed on the primary insurance billing system, which hackers then used as a staging area to collect patient records.
-
US Department of Defense
October 4, 2018
Roughly 30,000 DOD military and civilian personnel are believed to be affected by a cyber attack. A third-party contractor is compromised, granting the attackers access to the Pentagon network to steal travel data for DOD personnel.
