Full List

Search

Recent Breaches

• 45 Committee February 6, 2017 The website of 45 Committee, a PAC supporting President Donald Trump, is defaced.
• Verity Health System February 6, 2017 • [ healthcare ] Verity Health System has now issued a statement about a breach reported to HHS on January 11 as affecting 10,164 patients.
• Logic Supply February 6, 2017 US-based industrial computer supplier Logic Supply resets user passwords following an unauthorized access through the firm's website, which may have exposed customer/company names, usernames and passwords, and order information.
• Email accounts of Irish solicitors February 5, 2017 • [ financial, hack, finance ] The Sunday Independent reveals that cybercriminals are hacking the email accounts of Irish solicitors in an attempt to steal tens of thousands of euro from unsuspecting home buyers.
• Police Security Service February 4, 2017 • [ hack, government ] A threat actor targeted the computer networks of the Norwegian government: the Ministry of Foreign Affairs, the army, a nuclear radiation protection agency, and a parliamentary group.
• Freedom Hosting II February 3, 2017 • [ leak, technology ] The Anonymous take down Freedom Hosting II, the largest repository of dark web sites. The hackers are able to steal 75 GB worth of files and 2.6 GB of databases.
• Manatee County School District February 3, 2017 • [ social, phishing, education ] The Manatee County School District is the victim of a phishing scam that compromises the information from almost 8,000 employees.
• Norwegian Labour Party February 3, 2017 • [ hack, government ] Norway's security service says nine email accounts including those belonging to the Labour party, the foreign ministry and defense ministry have been targeted by hackers belonging to APT29.
• Tiverton Town Council February 3, 2017 • [ ransomware, malware, government ] John Vanderwolfe, a town clerk wipes council documents dating back to 2015 after mistakenly opening an email containing a ransomware malware.
• PoliceOne February 3, 2017 Motherboard reveals that a hacker going with the handle of Berkut is selling a database allegedly containing over 700,000 user accounts from PoliceOne, a popular law enforcement forum.
• City of Troy February 2, 2017 • [ ransomware, malware, government ] The City of Troy computer system is the victim of a ransomware attack.
• Sunny 107.9 WFBS-LPFM January 31, 2017 • [ hack, misconfiguration, technology ] Another station is hijacked to play the "F*** Donald Trump" song.
• CD Projekt Red January 31, 2017 • [ hack, technology ] CD Projekt Red, the Poland-based developer behind the popular 'Witcher' game and comic series, is hit with a forum hack that compromised over 1.8 million user credentials. The hack allegedly took place in March of last year.
• Linking County January 31, 2017 • [ ransomware, malware, government ] Linking County servers are targeted by a ransomware infection.
• Czech Foreign Ministry January 31, 2017 Czech Foreign Minister Lubomir Zaoralek says that hackers breached dozens of email accounts at the Czech Foreign Ministry in an attack resembling one against the U.S. Democratic Party.
• Xbox 360 ISO Forums January 31, 2017 • [ hack, malware ] An unidentified hacker reportedly breaches the XBOX 360 and PlayStation Portable ISO forums compromising 2.5 million gamer accounts. The breach is unconfirmed.
• Freedom Hosting II January 31, 2017 • [ hack, misconfiguration, technology ] In January 2017, the free hidden service host Freedom Hosting II suffered a data breach. The attack allegedly took down 20% of dark web sites running behind Tor hidden services with the attacker claiming that of the 10,613 impacted sites, more than 50% of the content was child pornography. The hack led to the exposure of MySQL databases for the sites which included a vast amount of information on the hidden services Freedom Hosting II was managing. The impacted data classes far exceeds those listed for the breach and differ between the thousands of impacted sites.
• Polish Foreign Ministry January 30, 2017 • [ hack, government ] The Polish daily newspaper Rzeczpospolita reveals that the hack against the Polish Foreign Ministry that occurred in December was probably orchestrated by APT28.
• Romantik Seehotel Jaegerwirt January 30, 2017 One of Europe's top hotels, Romantik Seehotel Jaegerwirt, admits they had to pay thousands in Bitcoin ransom to cybercriminals who managed to hack their electronic key system, locking hundreds of guests out of their rooms until the money was paid.
• DataCamp January 30, 2017 • [ leak, education ] In December 2018, the data science website DataCamp suffered a data breach of records dating back to January 2017. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".