Full List

Search

Recent Breaches

• Vodafone Egypt September 13, 2014 • [ hack, technology ] A hacker going with the handle of Ali El Top defaces two official sub-domains of Vodafone Egypt.
• George Mason University September 12, 2014 • [ hack, malware, education ] George Mason University reveals to have detected a malware intrusion into its travel booking system on July 16. No personal information is thought to have been viewed, but the incident could have affected up to 4,400 users.
• Steam September 12, 2014 Many users of Steam, Valve's online gaming platform, complain about game items stolen. The culprit appears to be a new piece of malware. A variant is also found on Twitch, the Amazon-owned gaming video platform.
• Central Utah Clinic September 11, 2014 • [ hack, healthcare ] More than 30,000 patients of the Central Utah Clinic in Provo, Utah might have had their personal health information viewed by an unauthorized intruder who broke into one of the clinic's servers.
• Tout September 11, 2014 • [ leak, technology ] In approximately September 2014, the now defunct social networking service Tout suffered a data breach. The breach subsequently appeared years later and included 653k unique email addresses, names, IP addresses, the location of the user, their bio and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it to be attributed to "nmapthis@protonmail.com".
• We End Violence September 10, 2014 • [ hack, misconfiguration, education ] California-based violence prevention education organization We End Violence discovers a potential intrusion into its Agent of Change application server that could have exposed personal information, and, so far, 79,000 California State University students have been impacted.
• mail.ru Dump September 10, 2014 In September 2014, several large dumps of user accounts appeared on the Russian Bitcoin Security Forum including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst unlikely to be the result of a direct attack against mail.ru, the credentials were confirmed by many as legitimate for other services they had subscribed to. Further data allegedly valid for mail.ru and containing email addresses and plain text passwords was added in January 2018 bringing to total to more than 16M records. The incident was also then flagged as "unverified", a concept that was introduced after the initial data load in 2014.
• EA Firemonkeys September 9, 2014 • [ hack, technology ] EA confirms that its Australian studio EA Firemonkeys was hacked in September last year and that "a small number of customer email addresses were potentially obtained".
• Yandy September 9, 2014 • [ leak, retail ] Yandy.com, an online retailer of women's lingerie and clothing, announces to have discovered a security breach, resulting in credit and debit card data of customers being exposed.
• Satoshi Nakamoto September 9, 2014 • [ hack, technology ] A hacker with the moniker of Jeffrey claims to have taken over the email account belonging to bitcoin's secretive creator, Satoshi Nakamoto, saying he will sell Nakamoto's secrets for money.
• Severne Shop September 8, 2014 • [ hack, retail ] An unknown hacker called Sdambasha hacks quaysideseverneshop.com and dumps almost 300 usernames and passwords.
• comicbookdb September 8, 2014 Smitt3nz hacks comicbookdb.com and dumps 52,000 plaintext accounts (usernames and passwords).
• Jerusalem Center for Public Affairs September 8, 2014 • [ hack, malware, government ] The official website of the Jerusalem Center for Public Affairs (jcpa.org), an important Israeli think tank, is compromised and abused to distribute malware.
• Israeli Ministry of Education September 8, 2014 • [ hack, education ] The pro-Palestinian hacking group AnonGhost defaces a sub-domain of the Israeli ministry of education (gadol.edu.gov.il).
• Yandex Dump September 7, 2014 In September 2014, news broke of a massive leak of accounts from Yandex, the Russian search engine giants who also provides email services. The purported million "breached" accounts were disclosed at the same time as nearly 5M mail.ru accounts with both companies claiming the credentials were acquired via phishing scams rather than being obtained as a result of direct attacks against their services.
• California State University September 6, 2014 • [ hack, education ] California State University officials reveal a breach in an East Bay web server used to store personal employee information. The security breach occurred on Aug. 23, 2013 and was discovered Aug. 11 of this year.
• Pakistan Ministry of Interior September 6, 2014 • [ hack, government ] Yet another cyber attack in Pakistan. Anonymous Pakistan defaces the official website of the Pakistan Ministry of Interior (interior.gov.pk).
• Healthcare September 5, 2014 • [ hack, government ] The White House discloses to the Wall Street Journal that a hacker has breached healthcare.gov, compromising personal data for millions of Americans.
• Sea Pines Resort September 5, 2014 Sea Pines Resort may have been the victims of a computer hack resulting in stolen credit card information.
• Azad Kashmir Government Portal September 5, 2014 • [ hack, sqlinjection, government ] The Pak Cyber Eaglez collective breaks into the online portal of the Azad Kashmir government (ajk.gov.pk), defaces some of the pages, and extracts the database with the login credentials.