Full List

Search

Recent Breaches

• Major international airport July 11, 2018 • [ hack, misconfiguration, technology ] While researching underground hacker marketplaces, researchers from McAfee discover that access linked to security and building automation systems of a major international airport could be bought for only US$10.
• Ammyy July 11, 2018 Researchers from ESET reveal that on June 13 or 14, the Ammyy website was compromised to serve a malware-tainted version of this otherwise legitimate software bundling the Kasidet trojan. To add an interesting twist to the incident, the attackers tried to hide their malicious activity behind the brand of the ongoing FIFA World Cup.
• Cambodian Ministry of Foreign Affairs and International Cooperation July 10, 2018 • [ espionage, hack, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of Foreign Affairs and International Cooperation.
• Cambodian National Election Committee July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian National Election Committee.
• Cambodian People's Party July 10, 2018 • [ espionage, hack, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the ruling Cambodian People's Party.
• Career and Technology Education Centers (C-TEC) July 10, 2018 • [ leak, misconfiguration, education ] Career and Technology Education Centers (C-TEC) reveals it suffered a possible data breach earlier this year that could have exposed individuals' names and Social Security numbers. The breach happened on May 25 when an unauthorized person had access to a private file for several minutes.
• Cambodia National Rescue Party July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the opposition Cambodia National Rescue Party.
• Cambodian Senate July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Senate.
• Cass Regional Medical Center July 10, 2018 • [ ransomware, malware, healthcare ] Cass Regional Medical Center, a Missouri health care center, announces that they have been affected by an undisclosed ransomware. This incident affected their internal communications system and their electronic health record (EHR) system.
• U.S. Air Force July 10, 2018 • [ espionage, misconfiguration, government ] Security Firm Recorded Future identifies an attempted sale of what is believed to be highly sensitive U.S. Air Force documents pertaining to the MQ-9 Reaper drone. The attack was carried on via the default FTP authentication credentials in Netgear routers.
• Cambodia July 10, 2018 • [ espionage, government ] Researchers from FireEye reveal a large scale operation from TEMP.Periscope, a Chinese cyber espionage group seeking to monitor the country's upcoming and contentious July 29 national elections.
• Cambodian Ministry of Economics and Finance July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of Economics and Finance.
• Cambodian Ministry of the Interior July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of the Interior.
• Monovithya Kem July 10, 2018 • [ espionage, government ] A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is Monovithya Kem, the daughter of a jailed opposition leader.
• Animoto July 10, 2018 • [ hack, technology ] In July 2018, the cloud-based video making service Animoto suffered a data breach. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
• Macy's Inc. July 9, 2018 • [ hack, phishing, retail ] Macy's Inc. warns customers that hackers compromised the login information of some users of the retailer's websites. The suspicious activity took place from April 26 to June 12. A third party obtained valid usernames and passwords through websites not related to macys.com.
• Bancor July 9, 2018 Token creation platform Bancor goes offline following a "security breach" that sees the platform lose millions of dollars worth of cryptocurrency. The company lost roughly $13.5 million in the hack and the value of the coin quickly drops 14%.
• Gas station in Detroit July 9, 2018 • [ hack, misconfiguration, retail ] Police in Detroit are looking into an apparent hack at a gas station that allowed people to steal more than 600 gallons of gas, valued at over $1,800. Authorities believe the thieves used some sort of remote device to take control of the pump.
• Fashion Nexus July 9, 2018 • [ leak, misconfiguration, retail ] In July 2018, UK-based ecommerce company Fashion Nexus suffered a data breach which exposed 1.4 million records. Multiple websites developed by sister company White Room Solutions were impacted in the breach amongst which were sites including Jaded London and AX Paris. The various sites exposed in the incident included a range of different data types including names, phone numbers, addresses and passwords stored as a mix of salted MD5 and SHA-1 as well as unsalted MD5 passwords. When asked by reporter Graham Cluley if a public statement on the incident was available, a one-word response of "No" was received.
• ShareThis July 9, 2018 In July 2018, the social bookmarking and sharing service ShareThis suffered a data breach. The incident exposed 41 million unique email addresses alongside names and in some cases, dates of birth and password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by dehashed.com.