Full List

Search

Recent Breaches

• Channel 2 December 1, 2016 • [ hack, technology ] Two main news channels in Israel were hacked and the attackers broadcasted a 30-second clip showing images of Muslim holy sites and Quranic scriptures.
• Saudi Arabian Ministry of Transportation December 1, 2016 • [ hack, malware, government ] An Iranian threat actor used malware known as Shamoon 2.0 to compromise and destroy computers at the General Authority of Civil Aviation of Saudi Arabia.
• Post Office December 1, 2016 • [ hack, ddos, technology ] Thousands of TalkTalk and Post Office customers have had their internet access cut by an attack targeting certain types of internet routers.
• Warmane December 1, 2016 In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.
• FashionFantasyGame December 1, 2016 • [ leak, misconfiguration, technology ] In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
• Youku December 1, 2016 • [ leak, technology ] In late 2016, the online Chinese video service Youku suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
• Erasmus University November 30, 2016 • [ leak, education ] The Erasmus University is the victim of a breach affecting 270,000 students, whose personal information is compromised.
• Rahul Gandhi Twitter account November 30, 2016 • [ hack, government ] The Twitter account of Rahul Gandhi, the heir of the Indian National Congress Party, India's oldest political party, is hacked.
• The National Lottery November 30, 2016 About 26,500 National Lottery accounts are feared to have been hacked, according to its operator Camelot. However the firm says it does not believe its own systems has been compromised, but rather that the players' login details had been stolen from elsewhere.
• Deutsche Telekom November 29, 2016 • [ hack, malware, technology ] 900,000 Deutsche Telekom customers are knocked off the internet when their routers are hit by a malware attack launched through the Mirai Botnet exploiting a SOAP Remote Execution Vulnerability.
• European Commission November 29, 2016 • [ hack, ddos, government ] The European Commission (EC) is the target of a distributed denial of service (DDoS) that leads to a breakdown in internet services for hours.
• The Carleton University November 29, 2016 • [ ransomware, malware, education ] The computers of the Carleton University are paralyzed by a ransomware attack.
• Muni (San Francisco's Transit System) November 28, 2016 Computer systems at San Francisco's transit system, Muni, are paralyzed following a malware attack. The author of the attack asks for a ransom of $73,000.
• Japanese Defence Ministry November 28, 2016 • [ hack, government ] Kyodo News reveals that the network of the Japanese Defence Ministry was the target of a cyber-attack in September this year.
• Columbia County School District November 28, 2016 Columbia County School District in Georgia is hit by a breach that compromised personal data, including Social Security numbers, of staff.
• xHamster November 28, 2016 • [ hack, malware, technology ] In November 2016, news broke that hackers were trading hundreds of thousands of xHamster porn account details. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.
• Valartis Bank November 27, 2016 Hackers are blackmailing the customers of Valartis Bank, a Liechtenstein bank, asking victims to send 10% of their funds to a Bitcoin address or have their bank accounts details exposed online.
• The High Commission of Ghana November 26, 2016 • [ hack, government ] Kapustkiy breaches the websites of the High Commission of Ghana and the High Commission of Fiji.
• Quest Diagnostics November 26, 2016 • [ hack, misconfiguration, healthcare ] Quest Diagnostics says it is investigating a recent hack that exposed the personal health information of about 34,000 people. An "unauthorized third party" gained access to names, dates of birth, lab results and, in some cases, telephone numbers on Nov. 26 through a mobile health app that gives patients access to lab results and other information.
• careers.kna.kw (official website of the Kuwaiti parliament) November 26, 2016 • [ hack, government ] The official website of the Kuwaiti parliament is defaced by hackers on their parliamentary election day. The hackers deface the main page leaving a message in Arabic accusing Abdul Hamid Dashti, a member of parliament (MP) of being an Iranian agent and urged other MPs to unite against him.