-
SvenskaMagic
July 1, 2015
Sometime in 2015, the Swedish magic website SvenskaMagic suffered a data breach that exposed over 30k records. The compromised data included usernames, email addresses and MD5 password hashes. The data was self-submitted to HIBP by SvenskaMagic.
-
Qatar National Bank
July 1, 2015
•
[ hack, sqlinjection, finance ]
In July 2015, the Qatar National Bank suffered a data breach which exposed 15k documents totalling 1.4GB and detailing more than 100k accounts with passwords and PINs. The incident was made public some 9 months later in April 2016 when the documents appeared publicly on a file sharing site. Analysis of the breached data suggests the attack began by exploiting a SQL injection flaw in the bank's website.
-
PS3Hax
July 1, 2015
•
[ hack, misconfiguration, technology ]
In approximately July 2015, the Sony Playstation hacks and mods forum known as PS3Hax was hacked and more than 447k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
-
Minefield
June 28, 2015
•
[ hack, misconfiguration, technology ]
In June 2015, the French Minecraft server known as Minefield was hacked and 188k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
-
Accademia della Crusca
June 23, 2015
•
[ hack, education ]
A pro-ISIS hacker hacker dubbed Phenomene Dz defaces the website of The Accademia della Crusca (www.accademiadellacrusca.it), the most important research institution studying the Italian language.
-
http://ecastTV
June 15, 2015
Hacking collective @TheNetShip hacks ecasttv.co.nz and dumps its entire database.
-
Uber
June 15, 2015
•
[ hack, misconfiguration, technology ]
A website hosting an Uber petition (petition.uber.org) calling on local government to allow its drivers to work on San Francisco's Market Street is defaced by a seemingly well-intentioned blogger, who also inserts a banner that automatically redirects visitors to a competitor's site.
-
LastPass
June 15, 2015
Password manager LastPass reveals that email addresses and encrypted master passwords have been compromised in a breach. The company does not believe user accounts were accessed in the attack, but recommends that users change the master password they use to access their account.
-
James Rodriguez
June 15, 2015
KelvinSecTeam hacks the official websites of the Colombian football star James Rodriguez and dumps 1,855 usernames and hashed passwords.
-
-
Bahraini Human Rights Watch Society
June 13, 2015
•
[ hack, education ]
A Bahraini human rights group claims its website (bhrws.org) and Twitter account (@bhrws2004) have been hacked by anti-government protesters.
-
Unicor
June 11, 2015
•
[ hack, government ]
An unknown hacker dumps a database containing what appears to be around 23,000 email addresses of US government workers on a dark web hacking. The list appears to have been stolen from a different government agency (unicor.gov) also known as Federal Prison Industries.
-
Lithuanian Armed Forces
June 11, 2015
•
[ hack, government ]
The Lithuanian Armed Forces website (kariuomene.kam.lt) is hacked to post false information about the NATO annexation of Kaliningrad.
-
Japanese Petroleum Association
June 10, 2015
•
[ hack, malware, energy ]
Japan's Petroleum Association is hit by a targeted cyber-attack earlier this month, which saw numerous PCs become infected with an unknown virus.
-
US Air Force
June 10, 2015
•
[ hack, government ]
The AnonGhost collective defaces two subdomains of the US Air Force. The targeted domains belong to Profession of Arms Center of Excellence and Professional Development Guide of the US Air Force.
-
Kaspersky Lab
June 10, 2015
•
[ espionage, malware, technology ]
Kaspersky discoveres an advanced attack on its own internal networks. The company is confident that there's a nation state behind it and calls the malware Duqu 2.0.
-
Arizona Department of Weights and Measures
June 10, 2015
The Middle East Cyber Army defaces the Arizona Department of Weights and Measures.
-
Missing Link Networks
June 10, 2015
•
[ financial, misconfiguration, retail ]
Missing Link Networks Inc, a credit card processor and point-of-sale vendor, reveals that a breach of its networks exposed card data for transactions it processed in the month of April 2015.
-
North Dakota Workforce and Safety Institute
June 10, 2015
•
[ leak, misconfiguration, government ]
Approximately 43,000 incident reports and 13,000 payroll reports are compromised in a breach of a North Dakota Workforce and Safety Institute (WSI) server, after the North Dakota Information Technology Department (ITD) detected unusual activity.
-
Freeparking
June 9, 2015
•
[ hack, ddos, technology ]
Freeparking, a web hosting provider, is the target of a severe DDoS attack.
