Full List

Search

Recent Breaches

• PVHS-ICM Employee Health and Wellness July 1, 2017 • [ ransomware, malware, healthcare ] PVHS-ICM Employee Health and Wellness notifies its patients to have been hit by a ransomware attack.
• Wolf Creek Nuclear Operating Corporation June 30, 2017 • [ hack, phishing, energy ] A threat actor targeted employees of companies that operate nuclear power plants in the United States, which prompted the Department of Homeland Security and the FBI to issue an alert to the industry. An administrative network of the Wolf Creek Nuclear Operating Corporation was compromised.
• Bithumb June 29, 2017 • [ hack, finance ] The largest bitcoin and ether exchange in South Korea by volume, Bithumb, is hacked. The losses could be in the billions of won.
• ClassicEtherWallet June 29, 2017 • [ financial, phishing, finance ] An unknown attacker gains control over the web domain of Classic Ether Wallet, a client-side wallet system for the Ethereum Classic (ETC) cryptocurrency, being able to phish credentials and redirect transactions. Based on reported cases, the hacker might have stolen nearly $300,000.
• Ventura County Office Of Education June 28, 2017 The websites of numerous school districts in Ventura County go offline amid an attack able to redirect users to a group's webpage where pro-ISIS views were posted.
• Undetermined June 27, 2017 • [ ransomware, malware, finance ] Threat actors deploy a tool, called NotPetya, with the purpose of encrypting data on victims' machines and rendering it unusable. The malware was spread through tax software that companies and individuals require for filing taxes in Ukraine and spread globally.'Australia, Estonia,'Denmark, Lithuania, Ukraine, the United Kingdom, and the United States issued statements attributing NotPetya to Russian state-sponsored actors.
• 8tracks June 27, 2017 • [ leak, technology ] Motherboard reveals that millions of accounts for internet radio service 8tracks are being traded on the digital underground. The total number of affected accounts could be as high as 18 million.
• 8tracks June 27, 2017 • [ hack, misconfiguration, technology ] In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that "the vector for the attack was an employees GitHub account, which was not secured using two-factor authentication". Salted SHA-1 password hashes for users who didn't sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses. The complete set of 18M records was later provided by JimScott.Sec@protonmail.com and updated in HIBP accordingly.
• Korrespondent.net June 27, 2017 • [ NotPetya, ransomware, malware ] Threat actors deploy a tool, called NotPetya, with the purpose of encrypting data on victims' machines and rendering it unusable. The malware was spread through tax software that companies and individuals require for filing taxes in Ukraine and spread globally.'Australia, Estonia,'Denmark, Lithuania, Ukraine, the United Kingdom, and the United States issued statements attributing NotPetya to Russian state-sponsored actors.
• Ohio Gov. John Kasich's Website June 25, 2017 Ohio Gov. John Kasich's website is hacked, appearing to show pro-ISIS propaganda. Ohio first lady Karen Kasich's website, along with the Ohio Department of Rehabilitation and Corrections website, are also hacked.
• Microsoft June 23, 2017 • [ leak, technology ] A massive trove of Microsoft's internal Windows 10 operating system builds and portions of its core source code (a total of 32TB) are leaked online.
• UK Parliament June 23, 2017 • [ hack, brute-force, government ] Up to 90 email accounts are compromised amid a brute-force cyber-attack on UK Parliament.
• Microsoft June 22, 2017 British police announces to have arrested two suspects part of an international group that hacked into Microsoft's network.
• Airway Oxygen June 22, 2017 • [ ransomware, malware, healthcare ] Airway Oxygen notifies that a ransomware attack in mid-April resulted in the compromise of data belonging to 550,000 customers and employees.
• Cleveland Medical Associates June 22, 2017 • [ ransomware, malware, healthcare ] Cleveland Medical Associates reveals the details of a ransomware attack that happened on April 21, 2017.
• Illinois State Board of Elections June 22, 2017 • [ hack, government ] New details emerge about the alleged hacks before the 2016 elections. Ken Menzel, general counsel of the State Board of Elections, reveals that nearly 90,000 records containing personal information were accessed by Russian hackers, with 90 percent of those records containing some kind of personal information.
• Skype June 21, 2017 • [ hack, ddos, technology ] A hacking group called CyberTeam claims responsibility for a DDoS attack against Skype.
• Election systems in 21 US states June 21, 2017 • [ hack, government ] Jeanette Manfra of the Department of Homeland Security (DHS), during her testimony before a Senate panel, reveals that Russian hackers targeted election systems in 21 US states during last year's campaign.
• admin June 20, 2017 • [ hack, government ] A hacker calling himself Vigilance hacks a database belonging to the Minnesota state government, and steals about 1,400 email addresses and passwords.
• Christian Ferry June 20, 2017 A threat actor targeted individuals who were political critics and business rivals of Ricardo Martinelli, president of Panama between 2009 and 2014, for espionage purposes. The threat actor uses the Pegasus tool, created by the NSO Group. One of the victims is Christian Ferry, a political consultant who advised the 2014 campaign of Martinelli's successor: Juan Carlos Varela.