Full List

Search

Recent Breaches

• Data Enrichment Records December 23, 2016 In December 2016, more than 200 million "data enrichment profiles" were found for sale on the darknet. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations. In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above. The email addresses alone were provided to HIBP.
• Official Twitter account of Marvel (@Marvel) December 22, 2016 OurMine hackers strike again and take down the Twitter accounts of Marvel (@Marvel) and other official super heros accounts linked via Tweetdeck.
• Thai Navy December 22, 2016 • [ hack, government ] As part of the same operation the Anonymous hack the Thai Navy.
• FBI December 22, 2016 CyberZeist exploits a zero-day vulnerability in the Plone Content Management System (CMS) of the FBI's website, and leaks some of the information to Pastebin.
• Thai Ministry of Foreign Affairs December 22, 2016 • [ hack, government ] In name of #OpSingleGateway, the Anonymous hack the Thai Ministry of Foreign Affairs and dump more than 3,000 employees' records.
• Unknown Organization December 22, 2016 • [ hack, sqlinjection, government ] Kapustkiy hacks the Costa Rica Embassy in China (costaricaembassycn.com) and dumps 50 of the 280 login credentials.
• Lithuania December 22, 2016 The Baltic state of Lithuania, on the frontline of growing tensions between the West and Russia, says the Kremlin is responsible for cyber attacks that have hit government computers over the last two years.
• Official Google Bangladesh Domain (google.bd) December 21, 2016 • [ hack, technology ] A group of Pakistani hackers going by the online handle of Team Pak Cyber Attackers deface the official Google Bangladesh domain. The group left a deface page along with a message on the targeted domain taunting security measures implemented by Google.
• Tumblr December 21, 2016 • [ hack, ddos, technology ] Tumblr goes down for over two hours as a result of a large-scale DDoS attack.
• Ethereum December 20, 2016 Administrators of the Ethereum Project say the platform incurred a breach affecting more than 16,500 users. The attacker used social engineering to gain access to a mobile phone number which allowed them to gain access to other accounts and ultimately compromise usernames, email addresses, profile data, public and private messages, and hashed passwords.
• Kia December 20, 2016 Ynet News report that dozens of brand new luxury Kia and Hyundai vehicles were stolen in the Jerusalem area after criminals were able to use information from a data leak to obtain data on the cars; three east Jerusalem residents have been arrested. The hackers were able to use the stolen data to hack the cars' computers.
• Thai Ministry of Information and Communication Technology December 20, 2016 The Anonymous take down the websites of the Ministry of Information and Communication Technology and the Ministry of Defence.
• University of Nebraska-Lincoln (UNL) December 20, 2016 • [ hack, education ] In a letter sent to approximately 30,000 current and former students, UNL says that an unauthorized breach of a server hosting a math placement exam occurred sometime in the last two years.
• Official Twitter account of Netflix US (@netflix) December 20, 2016 OurMine hackers strike again and take down the official Twitter accounts of Netflix US (@netflix)
• Lynda December 19, 2016 LinkedIn's online learning unit Lynda.com notifies its 9.5 million users of an unauthorised database breach that contained the contact information and courses viewed of around 55,000 users. The company confirms the hack and says it has reset the passwords.
• Miami Beach City Hall's Sun Trust Bank December 19, 2016 According to reports, malicious cyber-criminals were stealing cash from the bank since the summer of 2016 and the theft remained unnoticed until now. Too late now since the bank has already lost $3.6million.
• Unknown Organization December 19, 2016 • [ hack, sqlinjection ] Kapustkiy breaches the Slovak Chamber of Commerce (www.scci.sk) and accesses the data of more than 4,000 users.
• Unknown Organization December 19, 2016 • [ hack, leak, education ] Cryptolulz666 hacks the database of the Indian Institute of Technology Kharagpur, the second of the country and leaks a part of the 12,000 users.
• Los Angeles County December 18, 2016 • [ hack, education ] Kelvin Onaghinor, a Nigerian national is charged in connection with a hack of Los Angeles County emails that might have exposed personal data from more than 750,000 people who had business with county departments.
• EA Battlefield 1 December 17, 2016 • [ hack, ddos, technology ] The Phantom Squad Collective takes down the servers of EA Battlefield 1.