Full List

Search

Recent Breaches

• Oklahoma State University Center for Health Sciences (OSUCHS) January 5, 2018 • [ hack, healthcare ] Oklahoma State University Center for Health Sciences notifies an undisclosed number of affected patients of an unauthorized third party occurred on November 2017.
• Goldjoy January 4, 2018 Goldjoy, another travel agency in Hong Kong, reveals that unauthorised parties accessed its customer database containing personal information such as names and ID card numbers, passport details and phone numbers, asking for a ransom.
• City of Belle Fourche January 4, 2018 • [ ransomware, malware, government ] The city of Belle Fourche is hit by a ransomware attack.
• Big Line Holiday January 3, 2018 • [ hack ] Big Line Holiday, a Hong Kong travel agency, reveals that hackers might have broken into its database a day before and gained possession of some of its customers' personal information.
• City of Farmington January 3, 2018 • [ ransomware, malware, healthcare ] The city of Farmington is hit by a variant of the SamSam ransomware.
• thefly January 2, 2018 A hacker using the twitter handle @0x55Taylor posts some screenshots of a breach affecting all users who registered at thefly.com a leading digital publisher of real-time financial news between 2006 and 2015. The leak contains the data of 100,000 individuals.
• Rockingham County Schools January 1, 2018 Rockingham County Schools servers are compromised by the Emotet malware after an employee opens a phishing email.
• Faye Brookes January 1, 2018 2018 begins with a new round of Fappening leaks. This time the victim is Faye Brookes, whose explicit video is leaked on several video sharing websites.
• DailyObjects January 1, 2018 • [ leak, misconfiguration, retail ] In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer DailyObjects were leaked online. The data included names, physical and email addresses, phone numbers and "pincodes" stored in plain text. After multiple attempts to contact them, DailyObjects responded and received a copy of the data for verification, however failed to respond to multiple contact attempts following that.
• Elanic January 1, 2018 • [ leak, misconfiguration, retail ] In January 2020, the Indian fashion marketplace Elanic had 2.8M records with 2.3M unique email addresses posted publicly to a popular hacking forum. Elanic confirmed that they had "verified the data and it was pulled from one of our test servers where this data was exposed publicly" and that the data was "old" (the hacking forum reported it as being from 2016-2018). When asked about disclosure to impacted customers, Elanic advised that they had "decided to not have as such any communication and public disclosure".
• Centers for Medicare & Medicaid Services January 1, 2018 • [ hack, healthcare ] hacked
• RENAPER (Argentina) January 1, 2018 • [ leak, misconfiguration, government ] poor security
• United States Postal Service January 1, 2018 poor security
• AerServ (subsidiary of InMobi) January 1, 2018 • [ hack ] hacked
• Air Canada January 1, 2018 • [ hack ] hacked
• Bell Canada January 1, 2018 • [ hack ] hacked
• Bethesda Game Studios January 1, 2018 • [ leak, misconfiguration, technology ] accidentally published
• Blank Media Games January 1, 2018 • [ hack ] hacked
• BMO and Simplii January 1, 2018 • [ hack, misconfiguration, financial ] poor security
• British Airways January 1, 2018 • [ hack ] hacked