Portend Breaches

iiNet January 10, 2014 • [ hack, technology ] Australia's third-largest ISP, iiNet, launches a full investigation into a security breach of its TransACT network, believed to be affecting the email servers of one of its subsidiaries.

Verified January 10, 2014 • [ hack ] In January 2014, one of the largest communities of Eastern Europe cybercriminals known as "Verified" was hacked. The breach exposed nearly 17k users of the vBulletin forum including their personal messages and other potentially personally identifiable information.

The Straight Dope January 9, 2014 • [ hack, technology ] The Straight Dope, the popular online question and answer newspaper column, advises users of its forum to change their passwords because the information might have been compromised in a recent attack targeted at the bulletin board.

Bitcoin Security Forum Gmail Dump January 9, 2014 In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum. Whilst commonly reported as 5M "Gmail passwords", the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.

Namibian Government Portal January 8, 2014 • [ hack, ddos, government ] In the name of OpFunKill the Anonymous take down the Namibia main Government portal gov.na

Directors Guild of Canada January 7, 2014 • [ hack, leak ] A hacker using the handle legionnare aka ObeySec has hacked the directors guild of Canada (dgc.ca) and leaks 2000+ usernames, email addresses and clear text passwords.

openSUSE January 7, 2014 • [ hack, malware, technology ] The well-known Pakistani hacker H4x0r HuSsY hacks the official Forum of OpenSUSE, defacing it and allegedly compromising the account information of 79,500 registered users.

Staysure January 6, 2014 • [ financial, finance ] The travel insurance company Staysure confirms that customer names, addresses and card payment details (including CVV) have been stolen from customers who took out insurance prior to May 2012. The attack was carried out back in October last year, but the company was slow to react to it.

MMMOOO January 6, 2014 • [ hack, technology ] A group of hackers going by the name HitlerSec hack a Chinese mobile application MMMOOO (immmooo.com) and dump 85,753 email addresses and encrypted passwords.

What.cd January 6, 2014 • [ hack, ddos, technology ] Three of the largest private BitTorrent trackers are offline due to prolonged DDoS attacks. The targets are: What.cd, Broadcasthe.net, PassthePopcorn.me.

World of Warcraft January 6, 2014 • [ hack, malware, technology ] World of Warcraft players are hit with a malicious trojan that hijacks accounts. The malware infects systems by posing as an installer of Curse, a legitimate add-on.

Monju Nuclear Power Plant January 6, 2014 • [ leak, energy ] A server administrator discovers that one of the eight computers in the reactor control room of the Monju Nuclear Plant has been accessed over 30 times in the last five days. More than 42,000 e-mails and staff training reports were stored on the computer.

Tajikistan Domain Registrar January 6, 2014 An Iranian hacker called Mr.Xhat hacks the national domain registrar for Tajikistan (domain.tj), and as a consequence, the local primary domains for Google, Yahoo, Twitter, Amazon are redirected to a defaced page.

Alipay January 6, 2014 A former employee of Alipay and two accomplices are in custody, suspected of having sold customers' personal information to e-commerce companies starting in 2010. A total of 20 Gb of data were exfiltrated from the Back-End Systems.

WPT Amateur Poker League January 4, 2014 • [ hack, leak, misconfiguration ] In January 2014, the World Poker Tour (WPT) Amateur Poker League website was hacked by the Twitter user @smitt3nz. The attack resulted in the public disclosure of 175,000 accounts including 148,000 email addresses. The plain text password for each account was also included in the breach.

Financial Services Online January 3, 2014 • [ hack, finance ] A group of Pakistani hackers called Pakiz Cyber Squad hacks Financial Services Online (financialservicesonline.com.au), and dumps 527 affiliate account credentials.

Steam January 3, 2014 The servers for Steam, Origin, Battle.net, League of Legends, and several other gaming platforms are brought down temporarily by apparent DDoS attacks that seem to be related to a swatting attack on an individual known for streaming games.

Malaysian Ministry of Education January 3, 2014 Hackers belonging to a group called Evil Shadow Team deface the website of Malaysia's Ministry of Education (moe.gov.my).

EA January 3, 2014 The servers for Steam, Origin, Battle.net, and League of Legends are brought down temporarily by apparent DDoS attacks that seem to be related to a swatting attack on an individual known for streaming games.

Snapchat January 2, 2014 • [ leak, misconfiguration, technology ] Greyhat hackers publish the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.

Recent Breaches