-
Med Associates
June 19, 2018
•
[ financial, healthcare ]
Med Associates notifies its patients that the facility suffered a data breach on March 22, when unusual activity was detected, potentially exposing PII, including medical diagnosis and payment card information of about 270,000 patients.
-
CarePartners
June 18, 2018
•
[ hack, healthcare ]
CarePartners' computer system is breached and as a result patient and employee information including personal health and financial information, are inappropriately accessed.
-
Flightradar24
June 18, 2018
•
[ leak, technology ]
Users of the popular flight-tracking site Flightradar24 are told to change their passwords after the site warns of a data breach. The breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016).
-
Mortal Online
June 17, 2018
In June 2018, the massively multiplayer online role-playing game (MMORPG) Mortal Online suffered a data breach. A file containing 570k email addresses and cracked passwords was subsequently distributed online. A larger more complete file containing 607k email addresses with original unsalted MD5 password hashes along with names, usernames and physical addresses was later provided and the original breach in HIBP was updated accordingly. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
-
Liberty Life
June 16, 2018
•
[ ransomware, malware, finance ]
Liberty Life's IT system are attacked by unknown hackers, who reportedly obtain sensitive data about some of the insurer's top clients and ask for a ransom.
-
Med Associates
June 14, 2018
•
[ leak, healthcare ]
Med Associates, notifies of a security incident that may have compromised its patients protected information.
-
HealthEquity
June 14, 2018
About 23,000 accounts are compromised by a data breach that took place at HealthEquity in April when an employee fell for a phishing scam.
-
Dixons Carphone
June 13, 2018
Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. The breach began in July last year and 105,000 cards without chip-and-pin protection have been leaked.
-
Mongolian government data center
June 13, 2018
•
[ espionage, malware, government ]
A threat actor has compromised a government data center in Mongolia. Kaspersky Lab assesses that the threat actor used its access to compromise websites that they will use in subsequent watering-hole attacks.
-
Syscoin
June 13, 2018
•
[ hack, malware, finance ]
Malicious actors replace the legitimate Windows installer for Syscoin's cryptocurrency with a version containing malware, which was available on the company's Github page for several days.
-
Black River Medical Center
June 13, 2018
•
[ social, phishing, healthcare ]
Black River Medical Center in Missouri notifies an unspecified number of patients potentially affected by a phishing incident discovered on April 23.
-
AcFun
June 13, 2018
According to a statement by the company, millions of user accounts of the Chinese video sharing platform AcFun are hacked. According to the same statement, the accessed data includes the user IDs, nicknames and passwords of nearly 10 million users.
-
Clarifai
June 12, 2018
A lawsuit filed by a former employee alleges that AI startup Clarifai's computer systems were compromised by one or more people in Russia, potentially exposing technology used by the US military. The lawsuit says Clarifai learned of the breach last November, but that Clarifai's CEO and other executives did not promptly report it to the Pentagon.
-
Mexican National Action Party (PAN)
June 12, 2018
•
[ hack, government ]
The website of the Mexican National Action Party is hit by a cyber attack during the final television debate between presidential candidates ahead of the July 1 vote, after the site had published documents critical of the leading candidate.
-
slovensko
June 12, 2018
•
[ hack, ddos, government ]
Several Slovakian websites including the Slovak Hydro-meteorological Institute and slovensko.sk are hit by a wave of DDoS attacks.
-
Massachusetts Clean Energy Center
June 12, 2018
•
[ financial, government ]
An audit reveals that a scammer stole nearly $94,000 in public funds from the Massachusetts Clean Energy Center last year.
-
Trik Spam Botnet
June 12, 2018
In June 2018, the command and control server of a malicious botnet known as the "Trik Spam Botnet" was misconfigured such that it exposed the email addresses of more than 43 million people. The researchers who discovered the exposed Russian server believe the list of addresses was used to distribute various malware strains via malspam campaigns (emails designed to deliver malware).
-
South Korean Think Tank
June 11, 2018
•
[ espionage, malware, government ]
North Korea-linked Lazarus APT Group planted an ActiveX zero-day exploit on the website of a South Korean think tank focused on national security.
-
Bank of Chile
June 11, 2018
Shares in the Bank of Chile are down after it confirms hackers siphon off $10 million of its funds, mainly to Hong Kong. However the bank says no client accounts have been impacted. Apparently a wiper malware was used to conceal the real purpose of the attack.
-
Coinrail
June 11, 2018
•
[ hack, financial, finance ]
Coinrail, a South Korean cryptocurrency exchange, says that its systems have been hacked. It is believed that hackers stole about 40 billion won (US$37.2 million) worth of cryptocurrency from Coinrail, including 21 billion won worth of Pundi X and 14.9 billion won worth of Aston.