UniCredit
October 28, 2019
•[ hack, misconfiguration, finance ]
UniCredit uncover a data breach involving the personal records of 3 million domestic clients from a compromised 2015 file.
South African Banks
October 25, 2019
•[ financial, ddos, finance ]
The South African Banking Risk Information Centre (SABRIC) announces that the South African banking industry has been hit by a wave of DDoS attacks targeting consumer-facing services.
Billtrust
October 17, 2019
•[ ransomware, malware, finance ]
U.S. financial services provider Billtrust experiences an outage affecting all of its services after some of the company's computing systems are impacted by a malware attack allegedly caused by the BitPaymer ransomware.
BriansClub
October 15, 2019
•[ hack, leak, finance ]
"BriansClub" one of the largest underground stores for buying stolen credit card data, is itself hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records.
NCR Corporation
October 10, 2019
•[ financial, malware, finance ]
Researchers from FireEye discover new tools from the FIN7 group: a loader, dubbed BOOSTWRITE, that delivers payloads into memory and a module, dubbed RDFSNIFFER, that hooks into the remote administration software of ATM maker NCR Corporation.
TransUnion
October 9, 2019
•[ hack, finance ]
The personal information of about 37,000 Canadians is compromised after the fraudulent use of one if TransUnion's legitimate business customer's login credentials. The breach occurred between June and July.
Users of Venmo mobile payment service
September 15, 2019
•[ social, phishing, finance ]
The Dighton Police Department warns of a wave of phishing scams targeting users of Venmo mobile payment service with text messages that direct to a fake website.
EOSPlay
September 14, 2019
•[ financial, finance ]
A hacker spends $1,000 in EOS to steal more than $110,000 in cryptocurrency through an exploit of EOS gambling game EOSPlay.
Hong Kong Exchanges and Clearing Limited (HKEX)
September 6, 2019
•[ hack, ddos, finance ]
The Hong Kong Exchanges and Clearing Limited (HKEX) is hit by a DDoS attack.
Australian PayID users
August 26, 2019
•[ hack, brute-force, finance ]
Tens of thousands of Australians have had their personal banking information hacked by fraudsters, after fraudulent accounts worked to generate a series of random numbers and retrieve the victims' PayID details.
Mastercard Priceless Specials loyalty program
August 23, 2019
•[ leak, finance ]
Mastercard discloses a data breach to the German and Belgian Data Protection Authorities involving customer data from the company's Priceless Specials loyalty program. Two files with the details of the loyalty program members are leaked on the Internet.
Mastercard Priceless Specials
August 20, 2019
•[ leak, finance ]
In August 2019, the German Mastercard bonus program "Priceless Specials" suffered a data breach. Personal data on almost 90k program members was subsequently extensively circulated online and included names, email and IP addresses, phone numbers and partial credit card data. Following the incident, the program was subsequently suspended.
European Central Bank
August 15, 2019
•[ hack, finance ]
The European Central Bank uncovers a data breach in its Bank newsletter. The attackers had access for months to the contact information of hundreds of financial industry subscribers to the Banks' Integrated Reporting Dictionary (BIRD) website.
State Farm
August 7, 2019
•[ hack, brute-force, finance ]
US banking and insurance giant State Farm says it suffered a credential stuffing attack in July, during which "a bad actor" was able to confirm valid usernames and passwords for State Farm online accounts.
Capital One
July 29, 2019
•[ hack, finance ]
Capital One discloses a data breach impacting 100 million people in the United States, and 6 million in Canada. Data between 2005 and 2019 was accessed and related to information on consumers at the time when they applied for a credit card.
Bitpoint
July 12, 2019
•[ hack, finance ]
Japanese cryptocurrency exchange Bitpoint suspends all services after losing about 3.5 billion yen ($32 million) in a hack that involved Ripple and other cryptocurrencies.
Unknown Organization
July 12, 2019
•[ hack, finance ]
MyDashWallet.org recommends that its users remove any funds from their wallets as the site has been compromised for the past two months, between May 13 and July 12.
Chase Bank Customers
April 25, 2019
•[ social, phishing, finance ]
A new phishing scam targeting Chase bank customers is discovered that not only asks for personal information, but also requests that the victim uploads a selfie of himself holding his ID or driver license.
Users in Chile
April 10, 2019
•[ financial, malware, finance ]
Researchers from SI-LAB reveal the details of a cyber attack carried out via a variant of the EMOTET banking trojan, targeting users in Chile.
Zilliqa
April 6, 2019
•[ social, phishing, finance ]
Users of the blockchain platform Zilliqa are the targets of a phishing attack carried out by a fraudulent entity calling itself Zollo.
