Full List

Search

Recent Breaches

• catropaejb.com.ve December 2, 2016 Kapustkiy hacks a website belonging to the Venezuelan army (catropaejb.com.ve) and exposes a total of 3,000 accounts.
• Central Bank of Russia December 2, 2016 The Central Bank of Russia confirms that in 2016 unknown hackers stole 2 billion rubles, equivalent to $31 million from accounts of the Central Bank.
• Health Solutions December 2, 2016 The website of Health Solutions, one of the largest diagnostic laboratories in India, is breached, with hackers accessing a database that included no less than 35,000 medical records, including HIV reports for registered patients.
• Professional football players December 2, 2016 A group called Football Leaks dumps 1.9 terabytes of data, covering 18.6 million private documents, related to professional football players. The documents are handed over to the German publication Der Spiegel.
• Shiseido Co. December 2, 2016 Japanese cosmetics maker Shiseido Co. says that the online store run by subsidiary IPSA Co. has suffered illegal access and that personal information on about 420,000 customers may have leaked as a result.
• Saudi Arabian Monetary Agency December 2, 2016 • [ hack, malware, finance ] Eight Saudi institutions are hit by a destructive cyber attack allegedly generating from Iran, carried on using a new version of the infamous Shamoon Malware. Among the victims is the Saudi Arabian Monetary Agency, the country's central bank.
• Biohack.me December 2, 2016 In December 2016, the forum for the biohacking website Biohack.me suffered a data breach that exposed 3.4k accounts. The data included usernames, email addresses and hashed passwords along with the private messages of forum members. The data was self-submitted to HIBP by the Biohack.me operators.
• Channel 2 December 1, 2016 • [ hack, technology ] Two main news channels in Israel were hacked and the attackers broadcasted a 30-second clip showing images of Muslim holy sites and Quranic scriptures.
• Saudi Arabian Ministry of Transportation December 1, 2016 • [ hack, malware, government ] An Iranian threat actor used malware known as Shamoon 2.0 to compromise and destroy computers at the General Authority of Civil Aviation of Saudi Arabia.
• Post Office December 1, 2016 • [ hack, ddos, technology ] Thousands of TalkTalk and Post Office customers have had their internet access cut by an attack targeting certain types of internet routers.
• Warmane December 1, 2016 In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.
• FashionFantasyGame December 1, 2016 • [ leak, misconfiguration, technology ] In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
• Youku December 1, 2016 • [ leak, technology ] In late 2016, the online Chinese video service Youku suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
• Erasmus University November 30, 2016 • [ leak, education ] The Erasmus University is the victim of a breach affecting 270,000 students, whose personal information is compromised.
• Rahul Gandhi Twitter account November 30, 2016 • [ hack, government ] The Twitter account of Rahul Gandhi, the heir of the Indian National Congress Party, India's oldest political party, is hacked.
• The National Lottery November 30, 2016 About 26,500 National Lottery accounts are feared to have been hacked, according to its operator Camelot. However the firm says it does not believe its own systems has been compromised, but rather that the players' login details had been stolen from elsewhere.
• Deutsche Telekom November 29, 2016 • [ hack, malware, technology ] 900,000 Deutsche Telekom customers are knocked off the internet when their routers are hit by a malware attack launched through the Mirai Botnet exploiting a SOAP Remote Execution Vulnerability.
• European Commission November 29, 2016 • [ hack, ddos, government ] The European Commission (EC) is the target of a distributed denial of service (DDoS) that leads to a breakdown in internet services for hours.
• The Carleton University November 29, 2016 • [ ransomware, malware, education ] The computers of the Carleton University are paralyzed by a ransomware attack.
• Muni (San Francisco's Transit System) November 28, 2016 Computer systems at San Francisco's transit system, Muni, are paralyzed following a malware attack. The author of the attack asks for a ransom of $73,000.