Full List

Search

Recent Breaches

• United States Anti-Doping Agency November 25, 2016 The cyber-espionage group Fancy Bear has hacked into the confidential emails of senior anti-doping officials from the United States Anti-Doping Agency (USADA).
• Vascular Surgical Associates November 24, 2016 • [ hack, healthcare ] Vascular Surgical Associates notifies patients of a hack discovered in September when a compromised vendor password was used to access an internal computer.
• Ask November 23, 2016 • [ hack, malware, technology ] An unknown attacker hijacks the update mechanism employed by Ask Partner Network (APN) to download suspicious code onto unsuspecting users' PCs.
• Instituto de la Funcion Registral del Estado Mexico (IFREM) November 23, 2016 • [ hack, government ] Gh0s7 hacks the Instituto de la Funcion Registral del Estado Mexico (IFREM) and dumps the entire database.
• Mailchimp November 23, 2016 • [ hack, malware, technology ] Hackers compromise the Mailchimp database and manage to send out emails containing malicious links to subscribers of various different companies.
• Deliveroo November 23, 2016 Customers of takeaway food app Deliveroo have their accounts hacked and run up bills for food that they did not order.
• Madison Square Garden November 22, 2016 • [ hack, financial, retail ] Madison Square Garden Co. admits that hackers may have stolen payment card data at Madison Square Garden, The Theater at Madison Square Garden, Radio City Music Hall, Beacon Theatre and The Chicago Theatre from Nov. 9, 2015 to Oct. 24, 2016.
• Unknown Organization November 21, 2016 The Hungarian Human Rights Foundation website is hacked and the attackers manage to get access to over 20,000 accounts and personal information, including phone numbers and home addresses.
• TheCounter November 21, 2016 TheCounter, a third party Twitter site was hacked over the weekend and various celebrity and media accounts taken over to promote an "increase Twitter followers" service.
• Atlantis, Paradise Island November 21, 2016 Atlantis, Paradise Island announces a recent security incident that may have compromised the security of payment information between March 9, 2016 and October 22, 2016.
• Eastern Indian Regional Council November 20, 2016 • [ hack, government ] Kapustkiy breaks into the Eastern Indian Regional Council and accesses the data of 17,000 students.
• RankWatch November 19, 2016 • [ leak, misconfiguration, technology ] In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called "us_emails". When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being "in the same vein as the modbsolutions leak", a large list of corporate data allegedly used for spam purposes.
• mobilita November 18, 2016 Kapustkiy hacks an Italian government website (mobilita.gov.it) and dumps 45,000 records.
• Three Mobile November 18, 2016 • [ hack, phishing, technology ] Three Mobile admits that hackers have successfully accessed its customer upgrade database after using an employee login. 6 million customers' private information is at risk.
• USOC (United States Olympic Committee) November 18, 2016 The U.S. Olympic Committee (USOC) notifies individuals who participated in the 100-Days Out event in April 2016 that their personal information has been acquired by an unauthorized individual who gained access to the email account of a contractor who ran security clearances for the event.
• Mega November 18, 2016 • [ hack, technology ] The Amn3s1a Team hacking group releases a data dump containing what the group claims is nearly 2GB of source code stolen from several Mega.nz servers.
• Unknown Organization November 17, 2016 • [ hack, misconfiguration, government ] The Canadian army's public recruitment website (forces.ca) is hacked and briefly redirects visitors to the official website of the Chinese government.
• Mark Zuckerberg's Pinterest account November 17, 2016 • [ hack, technology ] OurMine hack Mark Zuckerberg's Pinterest Account and post a message suggesting they could help him with his online security.
• Gorilla Glue November 17, 2016 • [ hack, manufacturing ] The Dark Overlord claims to have stolen a wealth of company and personal information (500Gb) from US adhesive, glue, and tape company Gorilla Glue.
• CashCrate November 17, 2016 • [ hack, md5 ] In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.