-
Vesta Control Panel (VestaCP)
October 17, 2018
•
[ hack, malware, technology ]
Vesta Control Panel, the provider of an open-source hosting panel software reveals a security breach during which an unknown hacker contaminated the project's source code with malware. The malicious code was added on May 31, this year, and later removed two weeks later, on June 13.
-
A primary company in the Italian naval industry
October 17, 2018
•
[ espionage, malware, manufacturing ]
Researchers from Yoroi discover a new targeted campaign against one of the most important companies in the Italian naval industry. The malware is dubbed MartyMcFly.
-
City of West Haven
October 16, 2018
•
[ ransomware, malware, government ]
The City of West Haven pays $2,000 after having 23 of its servers encrypted from a ransomware attack.
-
Eatigo
October 16, 2018
•
[ leak, misconfiguration, technology ]
In October 2018, the restaurant reservation service Eatigo suffered a data breach that exposed 2.8 million accounts. The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes.
-
EOSBet
October 15, 2018
Hackers are believed to have stolen $338,000 worth of EOS cryptocurrency from blockchain-powered gambling dApp EOSBet.
-
Onslow Water and Sewer Authority (ONWASA)
October 13, 2018
•
[ ransomware, malware, government ]
The Onslow Water and Sewer Authority (ONWASA) is hit by a targeted ransomware attack carried out via Ryuk.
-
Henderson School District
October 12, 2018
•
[ financial, phishing, education ]
The Henderson school district in Texas is hit with a business email compromise (BEC) attack resulting in a $600,000 loss for the district. The attack took place on September, 26th.
-
Pluto TV
October 12, 2018
In October 2018, the internet television service Pluto TV suffered a data breach which was then shared extensively in hacking communities. Pluto TV "decided not to proactively inform users of the breach" which contained 3.2M unique email and IP addresses, names, usernames, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
-
Sodexo Motivation Solutions
October 10, 2018
•
[ hack, malware ]
Sodexo Motivation Solutions' internal IT systems are hit by malware and as a consequence the Sodexo Engage's website lifestylehub.co.uk is pulled offline.
-
Morele.net
October 10, 2018
In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.
-
Minnesota Department of Human Services
October 9, 2018
•
[ social, phishing, government ]
The Minnesota Department of Human Services falls victim to a phishing email scam. The attackers accessed the information of approximately 21,000 individuals in two incidents back in June and July.
-
Shopper Approved
October 9, 2018
•
[ hack, malware, retail ]
Shopper Approved is the latest victim of the Magecart gang. The incident took place on September 15.
-
City of Lake Worth Utilities
October 9, 2018
•
[ financial, malware, government ]
Customers of the City of Lake Worth Utilities who utilized the online option to pay their bill, between August 28 and October 9, may have experienced a possible breach of their credit card information.
-
Cork City Council
October 9, 2018
•
[ hack, government ]
5,000 people's personal information, who used a parking app, collected by Cork City Council, is illegally accessed by a hacker.
-
Rebound Orthopedics & Neurosurgery
October 9, 2018
•
[ hack, healthcare ]
Rebound Orthopedics & Neurosurgery reports a data breach occurred back in May, when an employee's email account was improperly accessed. 2,800 employees and patients may have been compromised.
-
Cancer Research UK
October 7, 2018
•
[ hack, malware, healthcare ]
The Magecart gang hit the Cancer Research UK back in 2016 with the same modus operandi.
-
Madison County Government Services
October 7, 2018
•
[ ransomware, malware, government ]
A ransomware attack hits Madison County Government services.
-
-
Wife Lovers
October 7, 2018
In October 2018, the site dedicated to posting naked photos and other erotica of wives Wife Lovers suffered a data breach. The underlying database supported a total of 8 different adult websites and contained over 1.2M unique email addresses. Wife Lovers acknowledged the breach which impacted names, usernames, email and IP addresses and passwords hashed using the weak DEScrypt algorithm. The breach has been marked as "sensitive" due to the nature of the site.
-
Anne Arundel County Public Library
October 6, 2018
•
[ hack, malware, education ]
Anne Arundel County Public Library officials announce that nearly 600 staff and public library computers have been hit by the Emotet virus. 4,768 customers who used public computers since September 17 are also notified.