-
SpankChain
October 6, 2018
•
[ financial, misconfiguration, finance ]
SpankChain, an adult industry focused cryptocurrency, has $38,000 worth of Ethereum stolen due to a smart contract bug.
-
Assassin's Creed Odyssey
October 5, 2018
•
[ hack, ddos, technology ]
Ubisoft's Assassin's Creed Odyssey's launch is disrupted by a DDoS attack on the day of its release.
-
North American Risk Services
October 5, 2018
North American Risk Services, suffers a data breach between February 7 and March 27, when the company notices suspicious emails being sent from one of their employee's accounts.
-
City of St. Petersburg
October 5, 2018
The City of St. Petersburg notifies a data breach of the third-party Click2Gov self-service payment which affected users who made payments between August 11, 2018, and September 25, 2018, using their credit cards.
-
Hetzner South Africa
October 5, 2018
•
[ hack, technology ]
The South African branch of Hetzner, a well-known web hosting provider, suffers a new security breach. The attacker manages to gain access to customer details.
-
National Ambulatory Hernia Institute
October 5, 2018
•
[ ransomware, malware, healthcare ]
National Ambulatory Hernia Institute notifies almost 16,000 patients of Gamma ransomware attack
-
You've Been Scraped
October 5, 2018
•
[ leak, misconfiguration, technology ]
In October and November 2018, security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator. Containing a total of over 66M records, the owner of the data couldn't be identified but it is believed to have been scraped from LinkedIn hence the title "You've Been Scraped". The exposed records included names, both work and personal email addresses, job titles and links to the individuals' LinkedIn profiles.
-
Canadian Centre for Ethics in Sport
October 4, 2018
A threat actor compromised the Canadian Centre for Ethics in Sport. Seven of the individuals alleged to be behind this incident, believed to be Russian military intelligence (known as GRU), were indictedby the U.S. Justice Department. Canada issued a statement attributing the incident to Russian military intelligence.
-
Square Enix
October 4, 2018
•
[ hack, ddos, technology ]
The same day Square Enix also announces to be fighting off a DDoS attack aimed towards its popular game, Final Fantasy XIV.
-
Tillamook Chiropractic Clinic
October 4, 2018
•
[ hack, malware, healthcare ]
Tillamook Chiropractic Clinic reveals that on May 2016, malware was installed on the primary insurance billing system, which hackers then used as a staging area to collect patient records.
-
US Department of Defense
October 4, 2018
Roughly 30,000 DOD military and civilian personnel are believed to be affected by a cyber attack. A third-party contractor is compromised, granting the attackers access to the Pentagon network to steal travel data for DOD personnel.
-
Federation Internationale de Football Association (FIFA)
October 4, 2018
A threat actor compromised the Federation Internationale de Football Association (FIFA) in December 2016 and January 2017. Seven of the individuals alleged to be behind this incident, believed to be Russian military intelligence (known as GRU), were indicted by the U.S. Justice Department.
-
Organization for the Prohibition of Chemical Weapons
October 4, 2018
•
[ espionage, misconfiguration, government ]
A threat actor, believed to be Russian military intelligence, targeted the office of the Organization for the Prohibition of Chemical Weapons in The Hague with a view of compromising its Wi-Fi network for espionage purposes.
-
Black History Month Website
October 3, 2018
•
[ hack, education ]
The Black History Month website falls victim to two cyber attacks in just 24 hours.
-
Managed Service Providers
October 3, 2018
•
[ hack, malware, technology ]
The US Department of Homeland Security issues an alert about "ongoing" cyber-attacks against managed service providers, indirectly attributed to APT10.
-
City of Regina
October 2, 2018
•
[ hack, phishing, government ]
A city of Regina email is hacked, and used as a phishing tool to try and get passwords and emails from other city of Regina staff as well as external groups.
-
US Banks
October 2, 2018
•
[ financial, malware, finance ]
A joint technical alert from the DHS, the FBI, and the Treasury warns about a new ATM cash-out scheme, dubbed "FASTCash," used by the Hidden Cobra APT.
-
SBM Holdings (State Bank of Mauritius India)
October 2, 2018
•
[ financial, finance ]
Mauritius banking group SBM Holdings unveils that its Indian operations suffered a cyber fraud earlier in the week, and that the bank has potentially lost up to $14 million worth. The bank is able to recover $10 million.
-
Apollo
October 1, 2018
•
[ hack, technology ]
Apollo, a sales engagement startup boasting a database of more than 200 million contact records, is hacked and sends an email to its affected customers.
-
Omar Abdulaziz
October 1, 2018
A report from The Citizen Lab reveals that the Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted by an attack infecting his phone with NSO's Pegasus spyware.