Full List

Search

Recent Breaches

• West Australian TAFE September 5, 2017 • [ hack, education ] An attacker infiltrates the systems of a West Australian TAFE on August 28 and September 5 and accesses the sensitive personal details of staff and more than 13,000 students.
• Julia Kloeckner Website September 4, 2017 • [ hack, government ] Julia Kloeckner, a top leader of German Chancellor Angela Merkel's conservative party says her website has been hit by thousands of cyber attacks -- many from Russian IP addresses -- ahead of the television election debate between Merkel and her opponent, Social Democratic leader Martin Schulz.
• Verrit September 4, 2017 • [ hack, ddos, technology ] Verrit, a political fact-checking site is DDoSed almost immediately after it was endorsed by Hillary Clinton.
• Taringa September 4, 2017 • [ leak, technology ] LeakBase, a breach notification service, obtains a copy of the hacked database of Taringa, a social network popular in Latin America, containing details on 28,722,877 accounts, which includes usernames, email addresses and hashed passwords.
• Canoe September 2, 2017 • [ leak, technology ] The free news and entertainment portal Canoe.ca, operated by MediaQMI Inc. and owned by Sun Media Corp. prior to 2015, wishes to inform users that some of its databases containing records from the period of 1996 to 2008 have been breached.
• Google September 1, 2017 The Google Cloud team revealed a previously undisclosed DDoS attack that targeted Google service back in September 2017 and which clocked at 2.54 Tbps, making it the largest DDoS attack recorded to date.
• Unknown Organization September 1, 2017 • [ leak, government, healthcare ] The Alaska Department of Health and Social Services reveals to have suffered a security breach in July that may have disclosed personal information of individuals who have interacted with the Office of Children's Services.
• Hand Rehabilitation Specialists September 1, 2017 • [ hack, healthcare ] Hand Rehabilitation Specialists notifies patients of a possible hack by The Dark Overlord that occurred back in July.
• Purdue University Pharmacy September 1, 2017 • [ hack, malware, healthcare ] Patients of the Purdue University Pharmacy and the Family Health Clinic of Carroll County receive notices that their information might be compromised because of a security breach. A malicious file was installed on some computers on September 1st.
• TrueStresser September 1, 2017 A dissatisfied customer breaches the server of TrueStresser, a DDoS-for-hire service, pilfering its database, and leaking some of the content online.
• TGBUS September 1, 2017 In approximately 2017, it's alleged that the Chinese gaming site known as TGBUS suffered a data breach that impacted over 10 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from dehashed.com. Read more about Chinese data breaches in Have I Been Pwned.
• WikiLeaks August 31, 2017 • [ hack ] WikiLeaks' website appears to have been hacked by the OurMine collective.
• Central German state of Saxony-Anhalt August 31, 2017 • [ ransomware, malware, government ] Internet and telephone networks at the regional parliament in the central German state of Saxony-Anhalt are offline after a ransomware attack.
• Free Online File Converter August 31, 2017 An anonymous researcher reveals that the server hosting dozens of free-to-use online file conversion websites, including combinepdf.com, imagetopdf.com, jpg2pdf.com, pdftoimage.com, pdfcompressor.com, and wordtojpeg.com, has been hacked several times in the past year.
• Instagram August 31, 2017 Instagram reveals that one or more hackers have been stealing celebrities' e-mail addresses, phone numbers, and other personal information by exploiting a bug. A database, Doxagram, is published online immediately after with the attacker claiming to have stolen 6 million records.
• Medical Oncology Hematology Consultants August 31, 2017 • [ ransomware, malware, healthcare ] Medical Oncology Hematology Consultants, reports a ransomware attack that affected 19,203 patients.
• dms[.]nwcg[.]gov August 30, 2017 Ankit Anubhav of NewSky Security discovers a U.S. government website hosting a malicious JavaScript downloader, leading victims to installations of Cerber ransomware.
• CeX August 29, 2017 • [ hack, retail ] Second-hand electronics dealership CeX notifies 2 million customers that their personal information may have been compromised by hackers.
• The Young Illustrator Award site administered by Meridian Secondary School August 29, 2017 • [ hack, education ] The Young Illustrator Award site administered by Meridian Secondary School is taken down after being hacked.
• NHS Lanarkshire August 29, 2017 • [ ransomware, malware, healthcare ] NHS services in Lanarkshire (Scotland) are hit by a new ransomware campaign. The culprit is identified as a new variant of Bitpaymer ransomware.