Portend Breaches

OlaCabs June 9, 2015 A hacker group dubbed Team Unknown claims to have successfully hacked into OlaCabs and managed to get access to sensistive information like credit-card history, vouchers, and user behavior. Ola denies these claims.

Los Angeles County Public Works June 9, 2015 • [ hack, government, misconfiguration ] A downtown Los Angeles digital traffic sign is hacked to state "Read a fu***ng book."

US Army June 8, 2015 • [ hack, government ] The official website of the US Army (army.mil) is defaced by attackers claiming to be associated with the Syrian Electronic Army. In addition to a message on the page claiming attriubtion, the attackers also include a pop-up message to anyone visiting: "Your commanders admit they are training the people they have sent you to die fighting."

Westnet June 6, 2015 • [ leak, hack, technology ] Australia's third-largest internet service provider, iiNet, investigates claims that a database held by its subsidiary, Westnet, has been hacked and is being offered for sale by a hacker dubbed Mufasa.

Eataly June 5, 2015 • [ financial, malware, retail ] The global Italian food market Eataly confirms that it was the victim of a data breach earlier this year that could have compromised the data of all payment cards used over a nearly four-month period. It appears that only Eataly's NYC Retail Marketplace was affected.

Saint Francis Hospital June 5, 2015 • [ financial, malware, healthcare ] The St. Francis Hospital in Tulsa, Oklahoma, revelas that the system processing card payments for its gift shop was comprmoised for a brief period, capturing financial data of the customers

Brabantia June 5, 2015 Brabantia, the Dutch company known for making steel bins, notifies its consumers that the user database has been subject to unauthorized access and some customer detials may have been compromised.

Scuf Gaming June 5, 2015 • [ data breach, data leak, password hashes ] In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.

Chinanews June 4, 2015 Chinanews, one of China's biggest news agencies is defaced. The attacker leaves a one-sentence message on the agency's home page giving the number of a bank account at the industrial and Commercial Bank of China.

Intimacy Bra Fit Stylists June 4, 2015 • [ hack, misconfiguration, retail ] Lingerie seller Intimacy Bra Fit Stylists notifies an undisclosed number of individuals that its e-commerce server was compromised and that personal information may have been misappropriated.

Pentagon June 4, 2015 Secretary of Defense Ash Carter reveals that a Russian threat actor compromised a legacy unclassified network at the Department of Defense.

Holiday Valley Resort June 2, 2015 • [ financial, malware, retail ] New York-based Holiday Valley Resort announces that malware may have compromised payment cards used at any of the resort's POS devices between October 2014 and June.

Piatt County, Illinois June 2, 2015 • [ hack, government ] The pro-Palestinian hacktivist collective AnonGhost defaces the official website of Piatt County, Illinois along with the website of the county's Sheriff office, election office and Highway Department.

AeroGrow International June 2, 2015 • [ financial, malware, manufacturing ] AeroGrow International, Inc. notifies an undisclosed number of indidividals who shopped on its website AeroGarden.com that malware was likely used to infiltrate online servers, and that payment card data may have been compromised.

Heartland Dental June 2, 2015 Heartland Dental notifies an undisclosed number of indiviudals that unauthorized access was gained to a limited portion of its IT systems, and that personal data may have been compromised.

Medical Information Engineering June 2, 2015 • [ hack, healthcare ] Medical Information Engineering (MIE), a medical software company, notifies customers of a cybersecurity incident that provided unauthorized access to its network and some patients' personal health information.

Eroticy June 1, 2015 In mid-2016, it's alleged that the adult website known as Eroticy was hacked. Almost 1.4 million unique accounts were found circulating in late 2016 which contained a raft of personal information ranging from email addresses to phone numbers to plain text passwords. Whilst many HIBP subscribers confirmed their data was legitimate, the actual source of the breach remains inconclusive. A detailed account of the data has been published in the hope of identifying the origin of the breach.

Office of the President May 31, 2015 • [ espionage, malware, government ] Vietnamese threat actor Ocean Lotus has compronised the websites of numerous entitities in Southeast Asia to be used for watering-hole attacks. Some of the organizations have also been targeted with malware aiming to install backdoors on their systems. The group has targeted ASEAN, China, Cambodia, Laos, and the Philippines.

thaimassagemodel May 30, 2015 yPeRtRoN hacks an adult web site (thaimassagemodel.com) and dumps 4,614 records with usernames and hashed passwords.

gaana May 28, 2015 Gaana, one of the top music streaming sites in India with more than 7.5 million monthly users is hacked by a Pakistani hacker called Mak Man, and its user database is exposed.

Recent Breaches