-
Ster-Kinekor
March 9, 2017
•
[ leak, misconfiguration, retail ]
In 2016, the South African cinema company Ster-Kinekor had a security flaw which leaked a large amount of customer data via an enumeration vulnerability in the API of their old website. Whilst more than 6 million accounts were leaked by the flaw, the exposed data only contained 1.6 million unique email addresses. The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords.
-
Verifone
March 7, 2017
•
[ hack, finance ]
Credit and debit card payments giant Verifone investigates a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions.
-
Center for American Progress
March 6, 2017
New reports reveal that Russian hackers are targeting U.S. progressive groups in a new wave of attacks. According to the report, at least a dozen groups have faced extortion attempts since the U.S. presidential election. The ransom demands are accompanied by samples of sensitive data in the hackers' possession.
-
University of Idaho
March 6, 2017
•
[ social, phishing, education ]
University of Idaho notifies 257 employees after a phishing incident.
-
Henok Gabisa
March 6, 2017
A threat actor targeted Ethiopian dissidents for the purpose of espionage, using commercially available spyware sold by Cyberbit, an Israel-based company. Most notably, the actor targeted the Oromia Media Network and some individuals associated with it.
-
Advertisement board in Mexico City
March 4, 2017
•
[ hack, technology ]
A digital advertisement board owned by Grupo Carteleras located on a busy road in Mexico City is hacked on Friday and features a pornographic video for a few minutes.
-
Pennsylvania Senate Democrats
March 3, 2017
•
[ ransomware, malware, government ]
The Pennsylvania Senate Democrats are hit by a ransomware attack that locks senators and employees out of their computer network.
-
Radio Station WZZY-FM
March 2, 2017
•
[ hack, technology ]
Radio station WZZY-FM falls victim to a prank when hackers access its computer systems and begin broadcasting fake news alerts of a zombie attack, along with a disease outbreak caused by the resulting carnage.
-
Unknown Organization
March 2, 2017
•
[ hack, ddos, retail ]
South Korea's Lotte Duty Free website (lottedfs.com) is taken down by a DDoS attack orchestrated from a Chinese IP.
-
Daytona State College
March 2, 2017
Daytona State College notifies staff of a potential W-2 incident.
-
Kennesaw State University
March 1, 2017
•
[ hack, education ]
The FBI is investigating an alleged hack of a Kennesaw State University server.
-
Aptos
March 1, 2017
•
[ financial, malware, technology ]
Shoppers of 40 online stores have had their bank card numbers and addresses stolen by a malware infection at backend provider Aptos late last year.
-
Bolt
March 1, 2017
In approximately March 2017, the file sharing website Bolt suffered a data breach resulting in the exposure of 995k unique user records. The data was sourced from their vBulletin forum and contained email and IP addresses, usernames and salted MD5 password hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.
-
Singapore's Ministry of Defence (Mindef)
February 28, 2017
•
[ hack, government ]
Singapore's Ministry of Defence (Mindef) confirms that the personal details more than 850 national servicemen and employees were stolen in a "targeted and well-planned" cyberattack earlier this month.
-
Diamond Institute for Infertility and Menopause
February 27, 2017
Diamond Institute for Infertility and Menopause notifies patients of an incident involving their electronic health records server, maintained by an unnamed third party. The incident happened in February 2017.
-
Luxembourg government servers
February 27, 2017
•
[ hack, ddos, government ]
The Luxembourg government's servers are hit in a massive DDoS attack that lasts over 24 hours. The attack is believed to have affected over a hundred websites hosted by the government's servers.
-
Association of British Travel Agents (ABTA)
February 27, 2017
The UK's largest travel trade organisation, the Association of British Travel Agents (ABTA) experiences a cyberattack on its website that puts 43,000 holidaymakers and travel agents at risk of identity theft.
-
Amalgamated Sugar
February 27, 2017
Nearly 3,000 workers at Amalgamated Sugar receive notifications of an intruder accessing the company's network and their personal information being disclosed.
-
Travel Corporation
February 26, 2017
Travel Corporation falls victim to a W-2 Scam.
-
St. Mary's Catholic Academy
February 26, 2017
•
[ hack, misconfiguration, education ]
Hackers break into CCTV systems of at least four British schools and stream footage of pupils live on the internet. St. Mary's Catholic Academy and Christ The King Academy Primary School are two fo the victims.