Full List

Search

Recent Breaches

• Kaneva July 1, 2016 • [ leak, misconfiguration ] In July 2016, now defunct website Kaneva, the service to "build and explore virtual worlds", suffered a data breach that exposed 3.9M user records. The data included email addresses, usernames, dates of birth and salted MD5 password hashes.
• OnRPG July 1, 2016 • [ hack, technology ] In July 2016, the now defunct free online games list website OnRPG suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed just over 1M email and IP addresses alongside usernames and passwords stored as salted MD5 hashes.
• Web Hosting Talk July 1, 2016 • [ data leak ] In July 2016, the Web Hosting Talk forum suffered a data breach that was subsequently listed for sale. The breach of the vBulletin based forum exposed 515k user records including usernames, email addresses, IP addresses and salted MD5 password hashes.
• Muslim Match June 30, 2016 • [ leak, technology ] A niche dating website called Muslim Match has suffered a data breach exposing roughly 150,000 user accounts and more than half a million private messages.
• Patterson Dental Supply Inc June 30, 2016 • [ leak, healthcare ] A breach at Patterson Dental Supply Inc compromises the information of roughly 4,300 patients of the Massachusetts General Hospital.
• US Democratic Party June 30, 2016 • [ leak, government ] Guccifer 2.0 releases 25 new documents.
• University of Regina June 30, 2016 • [ hack, education ] Three University of Regina computers are hacked. Names, student and employee numbers, as well as social insurance numbers, may have been accessed.
• Hard Rock Hotel and Casino Las Vegas June 29, 2016 • [ financial, hack, malware ] The Hard Rock Hotel and Casino Las Vegas notifies guests of "certain restaurant and retail outlets" located at its Las Vegas casino that hackers breached payments systems extracting credit card data.
• Lilly Singh's YouTube Channel June 29, 2016 • [ hack, technology ] PoodleCorp defaces another popular YouTube Channel: Lilly Singh.
• Noodles & Company June 29, 2016 • [ financial, malware, retail ] Noodles & Company announces that malware infected its backend card processing system and maybe have compromised customer credit and debit card data collected between January 31, 2016 and June 2, 2016.
• Twitter account of Brendan Iribe, CEO of virtual reality company Oculus June 29, 2016 • [ hack, social, technology ] Brendan Iribe, CEO of Facebook-owned virtual reality company Oculus, is the latest victim of the trail of Twitter accounts hjiacks.
• Washington County Community Development Agency June 29, 2016 • [ hack, government ] The Washington County Community Development Agency warns that an unauthorized third party hacked into one of the agency's servers earlier this month, potentially exposing certain community members and employees' personal information.
• World-Check Database June 29, 2016 Researcher Chris Vickery reveals to have obtained a mid-2014 copy of the controversial database World-Check containing details of 2.2 million individuals suspected of terrorism.
• Multiple healthcare databases June 28, 2016 • [ hack, leak, healthcare ] Here we are again, this time TheDarkOverlord claims to have broken into multiple healthcare databases across America and lists a fresh trove of 9.2 million records on a Dark Web-based marketplace for 750 bitcoin ( 368,000).
• StreetEasy June 28, 2016 • [ hack, technology ] In approximately June 2016, the real estate website StreetEasy suffered a data breach. In total, 988k unique email addresses were included in the breach alongside names, usernames and SHA-1 hashes of passwords, all of which appeared for sale on a dark web marketplace in February 2019. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
• Twitter account of Sundar Pichai, Google CEO June 27, 2016 Google CEO Sundar Pichai is the latest victim of the hacking group 'OurMine' after his Twitter-linked Quora account is temporarily compromised and filled with spam links.
• Unnamed jewelry shop June 27, 2016 • [ hack, ddos, retail ] Researchers from Sucuri reveal the details of a massive DDoS attack against an unnamed jewelry shop carried out by leveraging a network of 25,000 compromised CCTV boxes.
• IRS June 27, 2016 The IRS announces that it has removed its electronic filing PIN tool (e-File PIN), following "additional questionable activity."
• Deutsche Telekom June 27, 2016 • [ leak, technology ] Deutsche Telekom has warned its customers that it found account passwords for sale on the dark web.
• Whitepages June 27, 2016 • [ hack, technology ] In mid-2016, the telephone and address directory service Whitepages was among a raft of sites that were breached and their data then sold in early-2019. The data included over 11 million unique email addresses alongside names and passwords stored as either a SHA-1 or bcrypt hash. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".