Full List

Search

Recent Breaches

• VNG May 19, 2015 • [ hack, misconfiguration, technology ] In April 2018, news broke of a massive data breach impacting the Vietnamese company known as VNG after data was discovered being traded on a popular hacking forum where it was extensively redistributed. The breach dated back to an incident in May of 2015 and included of over 163 million customers. The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses. The data was provided to HIBP by dehashed.com.
• English Language Academy of the Univerity of Auckland May 18, 2015 • [ hack, education ] A hacker group calling itself the Middle East Cyber Army defaces the website of the English Language Academy of the Univerity of Auckland (ela.auckland.ac.nz).
• MetroHealth May 18, 2015 • [ hack, malware, healthcare ] MetroHealth notifies nearly 1,000 patients that three computers in its Cardiac Cath Lab were infected with malware, and the affected computers contained their personal information.
• Wayne County Sheriff's Deparment May 18, 2015 • [ leak, government ] In name of OpUSA, the online hacktivists AnonGhost deface the official website of Wayne Country Sheriff's department (sheriff.co.wayne.in.us/) and leak its database containing login credentials of its employees.
• Chilean National Municipal Information System May 17, 2015 • [ hack, government ] Anonymous hacks the official website of Chile's National Municipal Information System (sinim.gov.cl), defacing it and leaking login details of officials. The attack is done in support of student protests against the government's education policy. The hacker behind the attack goes by CyberBloc.
• jonimitchell May 16, 2015 • [ hack ] A hacker dubbed Pr0digy hacks jonimitchell.com and dumps 9,000 usernames and clear text passwords.
• Bundestag May 15, 2015 • [ espionage, government ] A Bundestag (German Parliament) official confirms media reports about a "sophisticated attack" on the institution. The attack was later attributed to Russia.
• Pennsylvania State University May 15, 2015 Penn State's College of Engineering is disconnected from the Internet after two serious computer intrusions that exposed personal information for at least 18,000 people and possible other sensitive data. The group responsible for one of the attacks appears to be based in China.
• Washington Post May 14, 2015 The Syrian Electronic Army is back and apparently hijacks for a few minutes the mobile site of the Washington Post, displaying messages critical of the news media and Saudi Arabia. The 30-minute disruption occurs when hackers infiltrated a Washington Post content-delivery partner, Instart Logic.
• Atlanta Department of Public Works May 14, 2015 • [ hack, misconfiguration, government ] Unknown attackers hack a billboard in Atlanta and replace a video with several images from Goatse, one of the internet's original shock sites.
• mSpy May 14, 2015 Mobile spyware firm mSpy is hacked, and its database is published on the dark web. The data dump includes information on the more than 400,000 users, including Apple IDs and passwords, tracking data, and payment details on some 145,000 successful transactions.
• Gaadi May 14, 2015 • [ leak, misconfiguration, automotive ] In May 2015, the Indian motoring website known as Gaadi had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.
• mSpy May 14, 2015 In May 2015, the "monitoring" software known as mSpy suffered a major data breach. The software (allegedly often used to spy on unsuspecting victims), stored extensive personal information within their online service which after being breached, was made freely available on the internet.
• Minnesota Department of Education May 13, 2015 • [ hack, education, government ] Minnesota student testing is suspended again after what is believed to be a sophisticated hacking attempt.
• badminton-total May 11, 2015 • [ hack, retail ] An unknown hacker hacks badminton-total.com and dumps 2,641 usernames and clear text passwords
• www2 May 11, 2015 In name of OpGreenRights, two websites under the administraion of the Brazilian government (brasil.gov.br and www2.brasil.gov.br) are taken down by a DDoS attack.
• International Grand Investment Corporation May 11, 2015 A computer hacker apparently steals $250,000 from International Grand Investment Corporation. The money is wired to what appears to be a business in China.
• lottoland May 11, 2015 • [ hack, government ] GrenXPaRTa claims to have hacked lottoland.co.uk and dumps 9,702 usernames and passwords
• Singapore Ministry of Foreign Affairs May 11, 2015 • [ espionage, government ] Singapore Minister of Information and Communications reveals that the local Ministry of Foreign Affairs was the victim of an advanced attack, last year, which forced the affected devices to be disconnected from the network.
• Starbucks May 11, 2015 Starbucks is the victim of an ingenious hack, which allows credit card hackers to steal money from consumers' gift cards mobile app.