Full List

Search

Recent Breaches

• Equifax July 29, 2017 • [ financial, technology ] Equifax, reveals to have been hit by a data breach that could potentially affect 143 million consumers in the United States. The breach was discovered on July 29th.
• Plastic Surgery Associates July 29, 2017 • [ ransomware, malware, healthcare ] Plastic Surgery Associates reveals that a data breach may have compromised patient records after it was hit with a ransomware attack earlier this year on 12 February.
• Women's Health Care Group of PA (WHCGPA) July 29, 2017 • [ ransomware, malware, healthcare ] Women's Health Care Group of PA (WHCGPA) reveals to have been hit by ransomware on May 16, 2017. 300,000 patient records are affected.
• CIA July 28, 2017 WikiLeaks publishes three new alleged CIA hacking tools as part of its new Vault 7 dump.
• WestJet July 28, 2017 WestJet says it is working with police in Calgary and the RCMP cybercrime unit after some members' profile data were disclosed online.
• Macron Campaign July 27, 2017 • [ espionage, social, government ] Reuters reveals that Russian intelligence agents attempted to spy on President Emmanuel Macron's election campaign earlier this year by creating phony Facebook personas.
• Virgin America July 27, 2017 • [ hack ] Virgin America confirms that a hacker broke into its corporate network earlier this year on March 13.
• MALL.cz July 27, 2017 • [ leak, brute-force, retail ] In July 2017, the Czech Republic e-commerce site MALL.cz suffered a data breach after which 735k unique accounts including email addresses, names, phone numbers and passwords were later posted online. Whilst passwords were stored as hashes, a number of different algorithms of varying strength were used over time. All passwords included in the publicly distributed data were in plain text and were likely just those that had been successfully cracked (members with strong passwords don't appear to be included). According to MALL.cz, the breach only impacted accounts created before 2015.
• Victoria Justice's Twitter account July 26, 2017 • [ hack, technology ] Victoria Justice's Twitter account is hacked. The attacker claims to reveal nude pictures.
• UniCredit July 26, 2017 • [ hack, finance ] UniCredit SpA, Italy's No. 1 bank, says that hackers took biographical and loan data from 400,000 client accounts. The attack occurred in September and October of 2016 and June and July of this year.
• Kylie Jenner's Snapchat account July 25, 2017 • [ hack, technology ] Kylie Jenner's Snapchat account is hacked. The attacker claims to reveal nude pictures.
• Veritaseum July 24, 2017 Another day another Ethereum related breach. This time the target is Veritaseum, whose Initial Coin Offering (ICO) suffers a data breach in which around US$8.4 million worth of Ethereum are stolen.
• Sarah Hyland July 24, 2017 • [ leak ] Nude photos and video of Sarah Hyland are leaked online.
• Bank of America customers July 21, 2017 • [ social, phishing, finance ] A new campaign targets Bank of America customers via emails pretending to be from representatives of the Bank of America.
• University of Vermont Medical Center July 21, 2017 University of Vermont Medical Center notifies 2,300 patients of a phishing incident that occurred back in May 2017.
• Newcastle University July 20, 2017 • [ social, phishing, education ] Newcastle University issues an alert, warning prospective students to be careful when seeking to apply and pay online for courses, after discovering the existence of a sophisticated phishing scam.
• Kansas Department of Commerce July 20, 2017 • [ hack, government ] A security breach in the Kansas Department of Commerce exposes millions of Social Security numbers from people across 10 states to hackers. Many other accounts are also attacked.
• Loblaws July 19, 2017 • [ hack, retail ] According to an email sent out to Loblaws account holders, the security of a 'small number' of accounts has been compromised, marking the second time the company has suffered a security breach this year. Comprised websites include Loblaws.ca, Joefresh.com and Beautyboutique.ca.
• KQED July 18, 2017 • [ ransomware, malware, technology ] KQED, a San Francisco radio station is still recovering from a ransomware attack, nearly one month after.
• B2B USA Businesses July 18, 2017 In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online. Referred to as "B2B USA Businesses", the list categorised email addresses by employer, providing information on individuals' job titles plus their work phone numbers and physical addresses. Read more about spam lists in HIBP.