Full List

Search

Recent Breaches

• Business Wire February 7, 2018 • [ hack, ddos, technology ] Press release network Business Wire admits suffering an ongoing Distributed Denial of Service (DDoS) attack lasting a week.
• Swisscom February 7, 2018 • [ leak, technology ] Swisscom, the biggest telecom company in Switzerland, suffers a data breach that resulted in the compromise of personal data of some 800,000 customers, i.e., nearly ten percent of the entire Swiss population. The breach dates back to Autumn 2017.
• The Sacramento Bee February 7, 2018 • [ ransomware, information ] The Sacramento Bee deletes two databases hosted by a third party after a ransomware attack exposed the voter records of 19.5 million California voters and 53,000 current and former subscribers to the newspaper.
• Italian Democratic Party (PD) February 6, 2018 • [ hack, government ] The AnonPlus hacker group says they have hacked the Florence branch of the Italian centre-left Democratic Party (PD) and leaked data regarding leader Matteo Renzi online.
• Province of Milan February 6, 2018 • [ hack, government ] The same hackers also claim to have hacked the website of Provincia di Milano (Province of Milan) in Italy.
• Waldo County February 5, 2018 A phishing attack compromised the information of 100 Waldo County employees.
• Partners HealthCare System February 5, 2018 • [ hack, malware, healthcare ] Partners HealthCare System reveals to have discovered a malware attack, occurred in May, 2017 that may have exposed 2,600 patients' information.
• University of Northern Colorado February 5, 2018 • [ hack, education ] The private information of 12 University of Northern Colorado employees is compromised after an "unknown person or group" accessed their profiles on Ursa, UNC's online portal.
• City of Keokuk February 4, 2018 • [ leak, phishing, government ] The City of Keokuk says a data breach resulted in the release of personal information of current and former city employees and elected leaders. An unauthorized party was able to obtain 2017 W-2 tax forms through the use of a "criminal phishing email."
• Autocentrum.pl February 4, 2018 • [ leak, misconfiguration, automotive ] In February 2018, data belonging to the Polish motoring website autocentrum.pl was found online. The data contained 144k email addresses and plain text passwords.
• Ron's Pharmacy Services February 2, 2018 • [ leak, retail ] Ron's Pharmacy Services notifies certain patients of the unauthorized access to certain limited pieces of patient information, including patient names, Ron's Pharmacy internal account numbers, and payment adjustment information.
• Aperio February 1, 2018 Aperio informs of a data breach that occurred when two employees' email accounts were compromised by successful phishing attacks that resulted in auto-forwarding email from those accounts to two external accounts.
• City of Batavia February 1, 2018 The city of Batavia reports employees' personal and financial information was compromised through an email phishing of W-2 tax forms. The information includes names, social security numbers, addresses and earnings.
• Coastal Cape Fear Eye Associates February 1, 2018 • [ ransomware, malware, healthcare ] Coastal Cape Fear Eye Associates notifies HHS of a ransomware incident that impacted 925 patients.
• Purchase Line School District February 1, 2018 • [ social, phishing, education ] The Purchase Line School District is the victim of a email spoofing attack by an individual pretending to be a school district employee.
• City of Pittsburg, Kansas February 1, 2018 • [ social, phishing, government ] The City of Pittsburg in Kansas reveals to have been subjected to a sophisticated phishing scheme targeting employee payroll data. The attack results in the release of sensitive information for current and former city employees who received a W-2 for the 2017 fiscal year.
• Kinetics Systems February 1, 2018 Kinetics Systems falls victim of a phishing attack. The personal information of 11 residents of New Hampshire, including their W-2 forms, is compromised.
• HORNE LLP February 1, 2018 • [ leak, phishing, finance ] HORNE LLP notifies an incident affecting the security of protected health information of certain Forrest General Hospital patients. On November 1, 2017, the company discovered that the email account of one of its employees was sending phishing emails.
• Jobandtalent February 1, 2018 • [ hack, technology ] In approximately February 2018, the employment website Jobandtalent suffered a data breach which then appeared for sale alongside other breaches a year later. The incident impacted 11 million subscribers and exposed their names, email and IP addresses and passwords stored as salted SHA-1 hashes.
• MyFitnessPal February 1, 2018 • [ leak, misconfiguration, technology ] In February 2018, the diet and exercise service MyFitnessPal suffered a data breach. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".