Full List

Search

Recent Breaches

• Federation Internationale de Football Association (FIFA) October 4, 2018 A threat actor compromised the Federation Internationale de Football Association (FIFA) in December 2016 and January 2017. Seven of the individuals alleged to be behind this incident, believed to be Russian military intelligence (known as GRU), were indicted by the U.S. Justice Department.
• Organization for the Prohibition of Chemical Weapons October 4, 2018 • [ espionage, misconfiguration, government ] A threat actor, believed to be Russian military intelligence, targeted the office of the Organization for the Prohibition of Chemical Weapons in The Hague with a view of compromising its Wi-Fi network for espionage purposes.
• Black History Month Website October 3, 2018 • [ hack, education ] The Black History Month website falls victim to two cyber attacks in just 24 hours.
• Managed Service Providers October 3, 2018 • [ hack, malware, technology ] The US Department of Homeland Security issues an alert about "ongoing" cyber-attacks against managed service providers, indirectly attributed to APT10.
• City of Regina October 2, 2018 • [ hack, phishing, government ] A city of Regina email is hacked, and used as a phishing tool to try and get passwords and emails from other city of Regina staff as well as external groups.
• US Banks October 2, 2018 • [ financial, malware, finance ] A joint technical alert from the DHS, the FBI, and the Treasury warns about a new ATM cash-out scheme, dubbed "FASTCash," used by the Hidden Cobra APT.
• SBM Holdings (State Bank of Mauritius India) October 2, 2018 • [ financial, finance ] Mauritius banking group SBM Holdings unveils that its Indian operations suffered a cyber fraud earlier in the week, and that the bank has potentially lost up to $14 million worth. The bank is able to recover $10 million.
• Apollo October 1, 2018 • [ hack, technology ] Apollo, a sales engagement startup boasting a database of more than 200 million contact records, is hacked and sends an email to its affected customers.
• Omar Abdulaziz October 1, 2018 A report from The Citizen Lab reveals that the Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted by an attack infecting his phone with NSO's Pegasus spyware.
• VimeWorld October 1, 2018 • [ leak ] In October 2018, the Russian Minecraft service VimeWorld suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 3.1M records of usernames, email and IP addresses and passwords stored as either MD5 or bcrypt hashes.
• Burgerville September 30, 2018 • [ financial, retail ] Burgerville reveals a data breach impacting the chain which may have led to the theft of detailed credit card information belonging to customers.
• Gwinnett Medical Center (GMC) September 29, 2018 • [ hack, healthcare ] Gwinnett Medical Center(GMC) is hacked and the patient data is posted online.
• Virat Kohli's official website September 29, 2018 • [ hack, technology ] Following the defeat of the Bangladeshi cricket team against India at the 2018 Asia Cup final, a group of Bangladeshi hackers defaces Virat Kohli's official website (the current captain of India's team) to protest against an 'unfair decision' during the match.
• Recipe Unlimited September 28, 2018 • [ ransomware, malware, retail ] Recipe Unlimited, a Canadian restaurant chain that operates over 20 restaurant brands, suffers a country-wide outage of its IT systems over the weekend in a ransomware incident.
• SHEIN September 28, 2018 A criminal cyber-attack is thought to have affected roughly 6.42 million customers of fashion brand SHEIN. The attack took place on August 22, and gained access to email addresses and encrypted password credentials of customers who visited the company website.
• Toyota (North America) September 28, 2018 • [ social, phishing, manufacturing ] Toyota Industries North America notifies individuals of a phishing incident, potentially impacting approximately 19,000 current/former employees and health plan participants.
• Facebook September 27, 2018 • [ hack, misconfiguration, technology ] Facebook says a breach affected 50 million people on the social network. The vulnerability stemmed from the "view as" feature, which lets people see what their profiles look like to others. Attackers exploited code associated with the feature that allowed them to steal "access tokens" that could be used to take over people's accounts.
• pigeoncoin September 26, 2018 • [ financial, malware, finance ] The developers behind the pigeoncoin cryptocurrency confirm that an unknown attacker successfully took advantage of a bitcoin bug, printing 235 million pigeoncoins worth about $15,000.
• NewsNow September 25, 2018 • [ hack, technology ] Online news aggregation service NewsNow admits that it has suffered a security breach and an encrypted version of the passwords may have been accessed.
• Port of San Diego September 25, 2018 • [ ransomware, malware, government ] Service to the public in the Port of San Diego are impacted by a ransomware attack.