Full List

Search

Recent Breaches

• Ashley Madison July 19, 2015 • [ leak, technology ] In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.
• Royal Canadian Mounted Police July 18, 2015 • [ hack, ddos, government ] Members of the Anonymous collective claim to have crashed the Royal Canadian Mounted Police (RCMP) website as a part of a battle to retaliate for the murder of a member in a shooting involving the Canadian Police.
• MeetMeInYourCity July 18, 2015 @ElSurveillance starts his personal battle against websites that promote escorts, defacing MeetMeInYourCity.com and leaking 2500 usernames and clear text passwords.
• Walmart Canada July 17, 2015 Pharmacy chain CVS takes down its online photo center CVSphoto.com, replacing it with a message warning that customer credit card data may have been compromised. The incident comes just days after Walmart Canada said it was investigating a potential breach, and is the consequence of the compromise of the third party hosting the website (PNI). Other affected companies include: Sams Club, Walgreens, Rite Aid and Tesco, to name a few.
• University of California Los Angeles July 17, 2015 University of California (UCLA) Health is hit by a cyberattack that potentially exposes the data of about 4.5 million people in the region.
• AFC Kredieten July 17, 2015 Hacker collective Rex Mundi claims to have stolen 24,000 financial records from Belgian loan company AFC Kredieten, and threatens to publish every loan applicant record in its possession if the company does not pay up a ransom. As proof that they have successfully hacked the company, Rex Mundi publishes some personal accounts and leaves a banner notification on the AFC Kredieten website.
• GO shop July 16, 2015 • [ hack, retail ] An anonymous hacker hacks shop.ufgo.org and dumps 1,194 usernames and clear text passwords.
• UniCredit July 16, 2015 • [ hack, malware, finance ] Cyphort Labs discovered a malware infection at the Ukrainian website of UniCredit bank: unicredit.ua.
• Soundwave July 16, 2015 • [ leak, misconfiguration, technology ] In approximately mid 2015, the music tracking app Soundwave suffered a data breach. The breach stemmed from an incident whereby "production data had been used to populate the test database" and was then inadvertently exposed in a MongoDB. The data contained 130k records and included email addresses, dates of birth, genders and MD5 hashes of passwords without a salt.
• Chris Foome July 15, 2015 • [ hack ] Team Sky are consulting their lawyers following what they believe to be the potential hacking of Chris Froome's training data files in order to suggest he may be using performance enhancing drugs during Tour De France.
• Epic Games July 15, 2015 Epic, the well known developer of video games, notifies the users of its forum (forum.epicgames.com) of an authorized access to their personal data (username, password, email and date of birth).
• Pakistani Presidential Website July 15, 2015 Pakistani President Mamnoon Hussain's website (presidentofpakistan.gov.pk) is defaced by a group of Bangladeshi hackers called Blacksmith Hacker's Team. Inside the same operation, 72 other Pakistani government websites are defaced as well.
• Telegram July 14, 2015 • [ hack, ddos, technology ] Popular messaging platform Telegram is hit with a 200Gbps distributed denial of service (DDoS) attack. Users in Asia, Australia, and Oceania are prevented from using the service.
• Insurance Services Office July 14, 2015 • [ hack, finance ] New Jersey-based Insurance Services Office (ISO) notifies an undisclosed number of consumers of an unauthorized access to the database.
• Envato July 13, 2015 • [ hack, ddos, technology ] Envato, the network of marketplaces is under a two week-long DDoS attack.
• WXXR 97.3 July 13, 2015 An Indiana radio station, WXXR 97.3, is apparently hacked, broadcasting a message from the Anonymous collective.
• cloudminr July 13, 2015 Cloud mininig service cloudminr.io is hacked. The attacker offers to sell the entire database (about 80,000 users) for 1 BTC (approx. 276 USD).
• Malaysian Police July 13, 2015 The AnonGhost collective takes over the Facebook and Twitter Accounts of the Malaysian Police and floods the feed with pro-ISIS messages.
• Voat July 13, 2015 • [ hack, ddos, technology ] Voat, the news aggregator, is taken down by a DDoS attack.
• Antrix Corporation July 12, 2015 • [ hack, government ] Indian space agency ISRO's commercial arm Antrix, has its website defaced. Suspects are thought to be Chinese hackers.