Full List

Search

Recent Breaches

• Japanese Defence Ministry November 28, 2016 • [ hack, government ] Kyodo News reveals that the network of the Japanese Defence Ministry was the target of a cyber-attack in September this year.
• Columbia County School District November 28, 2016 Columbia County School District in Georgia is hit by a breach that compromised personal data, including Social Security numbers, of staff.
• xHamster November 28, 2016 • [ hack, malware, technology ] In November 2016, news broke that hackers were trading hundreds of thousands of xHamster porn account details. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.
• Valartis Bank November 27, 2016 Hackers are blackmailing the customers of Valartis Bank, a Liechtenstein bank, asking victims to send 10% of their funds to a Bitcoin address or have their bank accounts details exposed online.
• The High Commission of Ghana November 26, 2016 • [ hack, government ] Kapustkiy breaches the websites of the High Commission of Ghana and the High Commission of Fiji.
• Quest Diagnostics November 26, 2016 • [ hack, misconfiguration, healthcare ] Quest Diagnostics says it is investigating a recent hack that exposed the personal health information of about 34,000 people. An "unauthorized third party" gained access to names, dates of birth, lab results and, in some cases, telephone numbers on Nov. 26 through a mobile health app that gives patients access to lab results and other information.
• careers.kna.kw (official website of the Kuwaiti parliament) November 26, 2016 • [ hack, government ] The official website of the Kuwaiti parliament is defaced by hackers on their parliamentary election day. The hackers deface the main page leaving a message in Arabic accusing Abdul Hamid Dashti, a member of parliament (MP) of being an Iranian agent and urged other MPs to unite against him.
• United States Anti-Doping Agency November 25, 2016 The cyber-espionage group Fancy Bear has hacked into the confidential emails of senior anti-doping officials from the United States Anti-Doping Agency (USADA).
• Vascular Surgical Associates November 24, 2016 • [ hack, healthcare ] Vascular Surgical Associates notifies patients of a hack discovered in September when a compromised vendor password was used to access an internal computer.
• Ask November 23, 2016 • [ hack, malware, technology ] An unknown attacker hijacks the update mechanism employed by Ask Partner Network (APN) to download suspicious code onto unsuspecting users' PCs.
• Instituto de la Funcion Registral del Estado Mexico (IFREM) November 23, 2016 • [ hack, government ] Gh0s7 hacks the Instituto de la Funcion Registral del Estado Mexico (IFREM) and dumps the entire database.
• Mailchimp November 23, 2016 • [ hack, malware, technology ] Hackers compromise the Mailchimp database and manage to send out emails containing malicious links to subscribers of various different companies.
• Deliveroo November 23, 2016 Customers of takeaway food app Deliveroo have their accounts hacked and run up bills for food that they did not order.
• Madison Square Garden November 22, 2016 • [ hack, financial, retail ] Madison Square Garden Co. admits that hackers may have stolen payment card data at Madison Square Garden, The Theater at Madison Square Garden, Radio City Music Hall, Beacon Theatre and The Chicago Theatre from Nov. 9, 2015 to Oct. 24, 2016.
• Unknown Organization November 21, 2016 The Hungarian Human Rights Foundation website is hacked and the attackers manage to get access to over 20,000 accounts and personal information, including phone numbers and home addresses.
• TheCounter November 21, 2016 TheCounter, a third party Twitter site was hacked over the weekend and various celebrity and media accounts taken over to promote an "increase Twitter followers" service.
• Atlantis, Paradise Island November 21, 2016 Atlantis, Paradise Island announces a recent security incident that may have compromised the security of payment information between March 9, 2016 and October 22, 2016.
• Eastern Indian Regional Council November 20, 2016 • [ hack, government ] Kapustkiy breaks into the Eastern Indian Regional Council and accesses the data of 17,000 students.
• RankWatch November 19, 2016 • [ leak, misconfiguration, technology ] In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called "us_emails". When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being "in the same vein as the modbsolutions leak", a large list of corporate data allegedly used for spam purposes.
• mobilita November 18, 2016 Kapustkiy hacks an Italian government website (mobilita.gov.it) and dumps 45,000 records.