Full List

Search

Recent Breaches

• Team SoloMid December 22, 2014 • [ hack, leak ] In December 2014, the electronic sports organisation known as Team SoloMid was hacked and 442k members accounts were leaked. The accounts included email and IP addresses, usernames and salted hashes of passwords.
• Acne.org November 25, 2014 • [ leak, healthcare ] In November 2014, the acne website acne.org suffered a data breach that exposed over 430k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.
• Warframe November 24, 2014 • [ hack, sqlinjection, technology ] In November 2014, the online game Warframe was hacked and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a "pass" column which adheres to the salted SHA12 password hashing pattern used by Drupal 7. Digital Extremes (the developers of Warframe), asserts the salted hashes are of "alias names" rather than passwords.
• Sony Pictures Entertainment November 21, 2014 Threat actors compromised the networks of Sony Pictures Entertainment, destroyed data, and publicly released employee emails. The United States attributed the incident to North Korea, which is believed to have staged the attack to prevent Sony from releasing the film The Interview, which depicts an assassination plot against North Korean leader Kim Jong-un.
• Westinghouse Electric Company November 20, 2014 • [ espionage, energy ] A threat actor targeted Westinghouse Electric Company, a nuclear power developer, for espionage purposes. One of the individuals alleged to be behind this incident, believed to be Russian military intelligence (known as GRU), was indicted by the U.S. Justice Department.
• Malwarebytes November 15, 2014 • [ hack, misconfiguration, technology ] In November 2014, the Malwarebytes forum was hacked and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
• Beef O'Brady's November 13, 2014 Four restaurants of the Beef O'Brady's chain are hacked in Florida, resulting in several customers complaining about unauthorized transactions.
• Bot of Legends November 13, 2014 • [ hack, technology ] In November 2014, the forum for Bot of Legends suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.
• National Oceanic and Atmospheric Agency November 12, 2014 • [ hack, government ] Chinese threat actors accessed the network of the National Oceanic and Atmospheric Administration. The hack resulted in NOAA temporarily halting the sending of satellite data to institutions such as the National Weather Service.
• U.S. Postal Service November 9, 2014 • [ espionage, government ] A threat actor compromised the networks of the U.S. Postal Service and gained access to employee data. Chinese threat actors are believed to be behind the attack.
• Penn Highlands Brookville November 7, 2014 Penn Highlands Brookville confirms that a computer server containing patient information for a doctor, was compromised when a third party intruder had access to information contained on the doctor's server held by a third party. 4,500 patients are impacted.
• President of Myanmar's website November 1, 2014 A threat actor compromised the Myanmar Ministry of Information website in an attempt to compromise visitors to those websites for espionage purposes.
• CurrentC October 31, 2014 CurrentC, a phone-based payment system designed to compete with the recently launched Apple Pay, experiences a major data breach, as the email addresses of beta testers and interested potential users are extracted from a database.
• Cape May-Lewes Ferry October 30, 2014 The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry is compromised and data from roughly 60,000 transactions are impacted.
• Telethon October 30, 2014 An unknown individual takes over the Instagram account for Telethon, a 48-hour-long event in West Australia aiming to raise funds for children's charities, and asks a ransom of AUD 1000 to give it back.
• Backcountry Gear October 29, 2014 • [ financial, malware, retail ] For the second time in three months, Backcountry Gear is notifying online customers that malware may have compromised their payment card information.
• Executive Office of the President October 29, 2014 The unclassified network of the Executive Office of the President is breached by attackers thought to be working for the Russian government.
• City of Phoenix, Arizona October 28, 2014 • [ hack, ddos, government ] The computer systems of the public services in Phoenix, Arizona, are the target of a DDoS Attack.
• Popular Science October 28, 2014 • [ hack, malware, technology ] Websense detects that the official website of Popular Science (popsci.com) is compromised, serving malicious code.
• Fidelity National Financial October 27, 2014 • [ social, phishing, finance ] Fidelity National Financial notifies an undisclosed number of individuals that their personal information may have been accessible after a small number of employees had their email accounts compromised in a targeted phishing attack.