-
SAIPEM
December 20, 2018
•
[ hack, malware, energy ]
An attack on the Italian oil firm Saipem targeted servers based in India, Kuwait, Saudi Arabia, Scotland, and the United Arab Emirates. Hackers used a variant of the Shamoon virus.
-
Warby Parker
December 20, 2018
•
[ hack, brute-force, retail ]
Warby Parker discloses that roughly 198,000 of its customers may have been affected by a credential stuffing attack targeting the eyeglass retail chain. The unauthorized activity started on Sept. 25 and continued through late November.
-
California Department of Consumer Affairs
December 19, 2018
•
[ hack, malware, government ]
The California Department of Consumer Affairs suffers a malware attack, affecting workstations and disrupting computer networks.
-
Ministry of Foreign Affairs of Cyprus
December 19, 2018
•
[ espionage, phishing, government ]
A report by Area 1 Security reveals that a successful phishing attack on the Ministry of Foreign Affairs of Cyprus, an EU member nation, compromised the diplomatic communication network for the European Union (COREU).
-
Hammer Nutrition
December 19, 2018
Hammer Nutrition notifies customers after discovering a malicious script injection into their website as a consequence of the compromise of their third-party website provider.
-
Steelite International
December 19, 2018
•
[ ransomware, malware, manufacturing ]
Steelite International discovers that hackers had encrypted its servers to cause "maximum disruption" to its payroll systems.
-
Kvant Scientific Research Institute
December 19, 2018
The Digital Revolution group claims to have hacked the servers of Moscow-based Kvant Scientific Research Institute, and gathered evidence of a neural networks tool used to analyze activities on social networks.
-
The Wellcome Trust
December 19, 2018
The Wellcome Trust reveals in its annual report, that the email of four senior executives was compromised and sensitive information monitored for several months.
-
Click2Gov
December 18, 2018
•
[ leak, government ]
According to a new report published by Gemini Advisory, in the wake of the Click2Gov breach, at least 294,929 payment records have been compromised in 46 U.S. cities and sold in the Dark Web.
-
Barnes-Jewish Company HealthCare
December 18, 2018
At least 5,850 people are alerted about a possible breach of credit card information through Barnes-Jewish Company HealthCare's online payment portal. The breach was discovered on Nov. 19 and involved the injection of malicious code into their website.
-
NASA
December 18, 2018
•
[ leak, government ]
NASA alerts its employees of a possible compromise of NASA servers containing personally identifiable information. The breach was discovered on October 23, and affects NASA Civil Service employees from July 2006 through October 2018.
-
University of Vermont Health Network Elizabethtown Community Hospital
December 17, 2018
University of Vermont Health Network " Elizabethtown Community Hospital notifies 32,000 patients after an employee's email account is accessed without authorization. The incident occurred on October 9, 2018.
-
The Wall Street Journal's website
December 17, 2018
•
[ hack, misconfiguration, technology ]
The Wall Street Journal's website is defaced with a post containing a fake apology supporting YouTube megastar PewDiePie, previously accused of antisemitism by the same paper.
-
CCRM Dallas-Fort Worth
December 16, 2018
•
[ hack, healthcare ]
CCRM Dallas-Fort Worth becomes aware of a potential data security incident that may have resulted in the inadvertent exposure of patients' personal and health information, after a former nurse's email account is hacked.
-
Tivit
December 14, 2018
Brazil-based IT services and business process outsourcing provider Tivit has data from many of its large customers leaked online, after nine members of staff have suffered a phishing attack.
-
Contractors working for the US Navy
December 14, 2018
•
[ espionage, government ]
According to a new report, classified military information including missile plans have been stolen from contractors working for the US Navy by hackers linked to China.
-
Save the Children
December 13, 2018
Save the Children reveals to have been hit last year with a business email compromise scam that cost the charity $1 million. The incident took place in May 2017.
-
Schenectady County
December 13, 2018
•
[ hack, malware, government ]
Schenectady County, shuts down its government website after a cyberattack via malware.
-
French Ministry of Europe and Foreign Affairs
December 13, 2018
•
[ hack, government ]
The personal information of 540,563 individuals is stolen from an emergency contact database after the website of the French Ministry of Europe, and Foreign Affairs is hacked.
-
Wanelo
December 13, 2018
•
[ hack, retail ]
In approximately December 2018, the digital mall Wanelo suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".