-
Official Twitter account of Netflix US (@netflix)
December 20, 2016
OurMine hackers strike again and take down the official Twitter accounts of Netflix US (@netflix)
-
Lynda
December 19, 2016
LinkedIn's online learning unit Lynda.com notifies its 9.5 million users of an unauthorised database breach that contained the contact information and courses viewed of around 55,000 users. The company confirms the hack and says it has reset the passwords.
-
Miami Beach City Hall's Sun Trust Bank
December 19, 2016
According to reports, malicious cyber-criminals were stealing cash from the bank since the summer of 2016 and the theft remained unnoticed until now. Too late now since the bank has already lost $3.6million.
-
Unknown Organization
December 19, 2016
•
[ hack, sqlinjection ]
Kapustkiy breaches the Slovak Chamber of Commerce (www.scci.sk) and accesses the data of more than 4,000 users.
-
Unknown Organization
December 19, 2016
•
[ hack, leak, education ]
Cryptolulz666 hacks the database of the Indian Institute of Technology Kharagpur, the second of the country and leaks a part of the 12,000 users.
-
Los Angeles County
December 18, 2016
•
[ hack, education ]
Kelvin Onaghinor, a Nigerian national is charged in connection with a hack of Los Angeles County emails that might have exposed personal data from more than 750,000 people who had business with county departments.
-
EA Battlefield 1
December 17, 2016
•
[ hack, ddos, technology ]
The Phantom Squad Collective takes down the servers of EA Battlefield 1.
-
Precon Products
December 17, 2016
The Dark Overlord leaks some data from Precon Products including the alleged video of an accident and the Operation Manager's iPhone data.
-
PayAsUGym
December 17, 2016
Fitness website PayAsUGym confirms one of its servers has been hacked and acknowledges that 300,000 email addresses and passwords of its members has been accessed.
-
Bleacher Report
December 16, 2016
•
[ hack, technology ]
Bleacher Report reports that an unauthorized user gained access to user information for its website and mobile app.
-
Ukrenergo
December 16, 2016
•
[ hack, energy ]
Ukraine investigates a suspected cyber attack on Kyiv's power grid at the weekend, the latest in a series of strikes on its energy and financial infrastructure.
-
italiastartupvisa
December 16, 2016
•
[ hack, ddos, government ]
Cryptolulz666 takes down the website of italiastartupvisa.mise.gov.it.
-
Department of Defense
December 16, 2016
Russian hackers reportedly launched a targeted cyberattack on the Pentagon in August 2015, which saw the unclassified email system used by the Joint Chiefs of Staff hijacked, leaving the data of nearly 3,500 military personnel and civilians vulnerable to exposure.
-
Unknown Organization
December 16, 2016
•
[ hack, ddos, government ]
Cryptolulz666 takes down the website of the Russian Federal Drug Control Service Liquidation Commission (fskn.gov.ru)
-
Russian Federation Drug Control Service
December 16, 2016
•
[ hack, ddos, government ]
Cryptolulz666 was just testing his own botnet, then later he targeted the website of the Russian Federal Drug Control Service liquidation commission. The Russian website was down for several hours.
-
Summit Reinsurance Services Inc.
December 16, 2016
•
[ hack, finance ]
Personal Information of about 1000 Black Hawk College employees and their dependents could have been compromised in a hack of Summit Reinsurance Services Inc., a former insurance provider's server.
-
Ethereum
December 16, 2016
In December 2016, the forum for the public blockchain-based distributed computing platform Ethereum suffered a data breach. The database contained over 16k unique email addresses along with IP addresses, private forum messages and (mostly) bcrypt hashed passwords. Ethereum elected to self-submit the data to HIBP, providing the service with a list of email addresses impacted by the incident.
-
Anti Public Combo List
December 16, 2016
•
[ leak, misconfiguration ]
In December 2016, a huge list of email address and password pairs appeared in a "combo list" referred to as "Anti Public". The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for "credential stuffing", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I Been Pwned.
-
Unknown Organization
December 15, 2016
•
[ hack, government ]
The official website of the Russian National Visa Bureau in the Netherlands (rnvb.nl) is hacked with the information of thousands of people exposed.
-
Election Assistance Commission
December 15, 2016
•
[ hack, government ]
The Election Assistance Commission, the U.S. agency charged with ensuring that voting machines meet security standards, was itself penetrated by a hacker after the November elections, according to security firm Recorded Future.