Full List

Search

Recent Breaches

• PDQ June 22, 2018 • [ hack, financial ] PDQ, a fast-casual dining restaurant warns customers about a cyber attack on its computer systems in which hackers were able to access or acquire personal information from the chain's customers who paid with credit cards. The breach lasted nearly a year, from May 19, 2017 to April 20, 2018.
• Manitowoc County June 22, 2018 • [ leak, phishing, education ] Manitowoc County officials release more information about a data breach of a Manitowoc County email account in January, when an employee falls victim of a phishing attack.
• South Korean defense company June 22, 2018 • [ espionage, government ] Researchers from Palo Alto Networks uncover a new operation conducted by the cyber espionage group known as Tick APT. The campaign targets a secure USB drive built by a South Korean defense company.
• Indian businessman June 22, 2018 • [ hack, financial, finance ] The email of a city-based businessman is hacked and INR12.5 lakh (USD 18,230) stolen and transferred to two bank accounts in China.
• Ben Hubbard June 21, 2018 The Saudi hackers KINGDOM launched a phishing attack to attempt to trick journalist Ben Hubbard into installing NSO Group's Pegasus malware onto his phone. Hubbard does not recall clicking on the infected link sent to him via text message and it is unknown if his phone was infected.
• Humana June 21, 2018 • [ hack, brute-force, healthcare ] Health insurer Humana notifies an unspecified number of health plan members after detecting and blocking a credential stuffing attack against Humana.com and Go365.com. The attacks took place on June 3 and June 4 from overseas IP addresses.
• Bithumb June 20, 2018 South Korean cryptocurrency exchange Bithumb says that 35 billion won ($31.5 million) worth of virtual coins have been stolen by hackers.
• Road Sign close to ICE headquarters June 20, 2018 Someone hacks a road sign close to the ICE headquarter in Portland and defaces it with the "Abolish ICE" message.
• Med Associates June 19, 2018 • [ financial, healthcare ] Med Associates notifies its patients that the facility suffered a data breach on March 22, when unusual activity was detected, potentially exposing PII, including medical diagnosis and payment card information of about 270,000 patients.
• CarePartners June 18, 2018 • [ hack, healthcare ] CarePartners' computer system is breached and as a result patient and employee information including personal health and financial information, are inappropriately accessed.
• Flightradar24 June 18, 2018 • [ leak, technology ] Users of the popular flight-tracking site Flightradar24 are told to change their passwords after the site warns of a data breach. The breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016).
• Mortal Online June 17, 2018 In June 2018, the massively multiplayer online role-playing game (MMORPG) Mortal Online suffered a data breach. A file containing 570k email addresses and cracked passwords was subsequently distributed online. A larger more complete file containing 607k email addresses with original unsalted MD5 password hashes along with names, usernames and physical addresses was later provided and the original breach in HIBP was updated accordingly. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
• Liberty Life June 16, 2018 • [ ransomware, malware, finance ] Liberty Life's IT system are attacked by unknown hackers, who reportedly obtain sensitive data about some of the insurer's top clients and ask for a ransom.
• Med Associates June 14, 2018 • [ leak, healthcare ] Med Associates, notifies of a security incident that may have compromised its patients protected information.
• HealthEquity June 14, 2018 About 23,000 accounts are compromised by a data breach that took place at HealthEquity in April when an employee fell for a phishing scam.
• Dixons Carphone June 13, 2018 Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. The breach began in July last year and 105,000 cards without chip-and-pin protection have been leaked.
• Mongolian government data center June 13, 2018 • [ espionage, malware, government ] A threat actor has compromised a government data center in Mongolia. Kaspersky Lab assesses that the threat actor used its access to compromise websites that they will use in subsequent watering-hole attacks.
• Syscoin June 13, 2018 • [ hack, malware, finance ] Malicious actors replace the legitimate Windows installer for Syscoin's cryptocurrency with a version containing malware, which was available on the company's Github page for several days.
• Black River Medical Center June 13, 2018 • [ social, phishing, healthcare ] Black River Medical Center in Missouri notifies an unspecified number of patients potentially affected by a phishing incident discovered on April 23.
• AcFun June 13, 2018 According to a statement by the company, millions of user accounts of the Chinese video sharing platform AcFun are hacked. According to the same statement, the accessed data includes the user IDs, nicknames and passwords of nearly 10 million users.