-
Baptist Health Louisville
December 5, 2017
•
[ social, phishing, healthcare ]
Baptist Health Louisville notifies 880 patients of a phishing incident that occurred in early October.
-
Colorado Center for Reproductive Medicine Minneapolis
December 5, 2017
•
[ ransomware, malware, healthcare ]
Colorado Center for Reproductive Medicine Minneapolis warns customers that, in the wake of a ransomware attack that occurred in October 2017, an unauthorized third-party may have breached the clinic's computer security and viewed or accessed patient information that was on the server.
-
Netshoes
December 5, 2017
Data of 17,908 customers of Brazilian retailer Netshoes is dumped on pastebin.
-
Warwick Rowers
December 5, 2017
•
[ hack, ddos, education ]
The website of a naked charity calendar featuring male rowers at Warwick University is taken down by a DDoS attack after having allegedly offended Russia's "gay propaganda" laws.
-
ai.type
December 5, 2017
•
[ leak, misconfiguration, technology ]
In December 2017, the virtual keyboard application ai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.
-
dvd-shop.ch
December 5, 2017
•
[ leak, misconfiguration, retail ]
In December 2017, the online Swiss DVD store known as dvd-shop.ch suffered a data breach. The incident led to the exposure of 68k email addresses and plain text passwords. The site has since been updated to indicate that it is currently closed.
-
WWE wrestler Maria Kanellis
December 4, 2017
•
[ leak ]
A new batch of explicit photos of WWE wrestler Maria Kanellis is leaked.
-
Mecklenburg County
December 4, 2017
•
[ ransomware, malware, government ]
Mecklenburg County, which includes the city of Charlotte and surrounding areas, is hit with ransomware and struggles to get its systems back online ever since. In the meantime, county officials are forced to revert to paper systems.
-
Mad River Township Fire and EMS station
December 4, 2017
•
[ ransomware, malware, government ]
Mad River Township Fire and EMS station has all its data encrypted by ransomware.
-
Brazil
December 2, 2017
•
[ leak, government ]
The Anonymous leak some topology data belonging to Brazilian public sector.
-
TIO Networks
December 1, 2017
•
[ leak, finance ]
PayPal Holdings suspends the operations of TIO Networks, a publicly traded payment processor PayPal acquired in July 2017, after a review of TIO's network has identified a potential compromise of personally identifiable information for approximately 1.6 million customers.
-
Tenafly High School
December 1, 2017
•
[ insider, misconfiguration, education ]
Tenafly High School informs parents that a student has gained access to its internal IT systems, changed grades to improve his GPA, and sent out college applications immediately after.
-
Union Grove School District
November 30, 2017
Several East Texas school districts are affected by ransomware, according to a notice from the Texas Department of Agriculture. Affected school districts include New Diana, Ore City, Gilmer, Gladewater, Harleton, Harrison County Juvenile Services, Karnack, Union Grove and Union Hill.
-
Open CS:GO
November 28, 2017
In December 2017, the website for purchasing Counter-Strike skins known as Open CS:GO (Counter-Strike: Global Offensive) suffered a data breach (address since redirects to dropgun.com). The 10GB file contained an extensive amount of personal information including email and IP addresses, phone numbers, physical addresses and purchase histories. Numerous attempts were made to contact Open CS:GO about the incident, however no responses were received.
-
Bulletproof Coffee
November 27, 2017
Bulletproof Coffee, the company behind the trendy energy-boosting, butter-infused java, says it has suffered a data breach, compromising the personal and financial details of its customers. The company discovered "unauthorised computer code" added to the software that operates the checkout page on its website.
-
Siemens
November 27, 2017
•
[ espionage, hack, manufacturing ]
The U.S. Department of Justice indicted three members of Boyusec, a China-based internet security firm, on charges including conspiring to commit computer fraud and abuse and conspiring to commit trade-secret theft. The victims included Moody's Analytics, Siemens, and Trimble. Though not mentioned in the indictment, Boyusec is believed to work on behalf of China's Ministry of State Security and be a front for APT3.
-
Imgur
November 23, 2017
•
[ leak, technology ]
Imgur is notified of a potential security breach that occurred in 2014 and affected the email addresses and passwords of 1.7 million user accounts.
-
Bitcoin Gold
November 22, 2017
•
[ financial, phishing, finance ]
More than $3.3 million worth of Cryptocurrency is stolen as part of an elaborate scam that took advantage of bitcoin users seeking to claim their share of the newly created cryptocurrency Bitcoin Gold.
-
Loake Shoes
November 22, 2017
•
[ hack, retail ]
Loake Shoes warns its customers to have been the victim of a cyber attack. Apparently the email server has been compromised even if no other details are disclosed.
-
Single individual's Bitcoin wallet
November 22, 2017
Austrian police say cyber-thieves transferred bitcoin worth more than 100,000 ($117,000) from a man's account while he was logged in on a restaurant's public WiFi network.