Full List

Search

Recent Breaches

• Apple February 23, 2017 • [ hack, malware, technology ] A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, after malware-infected firmware was reportedly detected in an internal development environment of Apple's technical infrastructure, which powers its web-based services and holds customer data.
• Retina-X February 23, 2017 • [ hack, misconfiguration, technology ] In February 2017, the mobile device monitoring software developer Retina-X was hacked and customer data downloaded before being wiped from their servers. The incident was covered in the Motherboard article titled Inside the 'Stalkerware' Surveillance Market, Where Ordinary People Tap Each Other's Phones. The service, used to monitor mobile devices, had 71k email addresses and MD5 hashes with no salt exposed. Retina-X disclosed the incident in a blog post on April 27, 2017.
• Bitfinex February 22, 2017 • [ hack, ddos, finance ] Top Bitcoin trading platform Bitfinex is hit by a "severe DDoS attack."
• South Washington County School District February 22, 2017 • [ hack, education ] The South Washington County school district tightens security after a high school student hacks into the district's server and takes names, Social Security numbers and some addresses.
• Coachella Music Festival February 22, 2017 • [ leak ] Nearly one million Coachella accounts are reportedly currently up for sale on the dark web.
• Coachella February 22, 2017 In February 2017, hundreds of thousands of records from the Coachella music festival were discovered being sold online. Allegedly taken from a combination of the main Coachella website and their vBulletin-based message board, the data included almost 600k usernames, IP and email addresses and salted hashes of passwords (MD5 in the case of the message board).
• Unknown Organization February 20, 2017 • [ hack, retail ] A hacker claims to have hacked the official web forum of a gun retailer Airsoft GI (airsoftgiforum.com) and uploaded its data on Dropbox.
• Asiana Airlines February 19, 2017 • [ hack ] Kuroi'SH defaces the official website of Asiana Airlines, one of the major airlines in South Korea.
• secure2donaldjtrump February 19, 2017 A hacked dubbed Pro_Mast3r defaces a server associated with President Donald Trump's presidential campaign donations.
• Unnamed Oklahoma agency February 18, 2017 The Office of Management and Enterprise Services confirms that an unnamed agency has been targeted by ransomware.
• Family Service Rochester February 18, 2017 Family Services Rochester notifies individuals that portions of its computer systems that contained personal information have been compromised by ransomware.
• Zcoin February 17, 2017 • [ hack, misconfiguration, finance ] A simple one-digit typo within the source code of a cryptocurrency called Zcoin has allowed a hacker to make a profit of over $400,000 worth of cryptocurrency.
• Lexington Medical Center February 17, 2017 • [ hack, healthcare ] Lexington Medical Center notifies employees of a breach affecting its database.
• Bingham County February 17, 2017 • [ ransomware, malware, government ] Hackers demand $25K-$30K after ransomware attack takes down Bingham County servers.
• FreeOnes February 16, 2017 • [ leak ] In February 2017, the forum for the adult website FreeOnes suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 960k unique email addresses alongside usernames, IP addresses and salted MD5 password hashes.
• Yahoo! February 15, 2017 • [ espionage, misconfiguration, technology ] Yahoo sends out another round of notifications to users, warning some that their accounts may have been breached as recently as last year. The accounts were affected by a flaw in Yahoo's mail service that allowed an attacker, most likely a "state actor", according to Yahoo, to use a forged cookie created by software stolen from within Yahoo's internal systems to gain access accounts without a password.
• PharmaNet February 15, 2017 • [ hack, phishing, government ] The personal information of approximately 7,500 British Columbians may have been compromised through the provincial government's PharmaNet system, when an "unknown/unauthorized person obtained and used a physician's login to access PharmaNet."
• Unknown Organization February 15, 2017 • [ hack, ddos, government ] The websites of the Montenegrin government and several state institutions, as well as some pro-government media, are targeted with multiple cyberattacks started since February 15th. Among the victims is the web portal of the Government of Montenegro (www.gov.me).
• Citizens Memorial Hospital February 14, 2017 • [ social, phishing, healthcare ] Citizens Memorial Hospital employees' data are compromised by a W-2 phishing scam.
• San Antonio Symphony February 14, 2017 • [ hack, leak ] Computer hackers break into the computer network for the San Antonio Symphony, stealing the names, birth dates, Social Security numbers, addresses and W-2 tax forms for about 250 employees.