T-Mobile
March 4, 2020
•[ hack, technology ]
US telecommunications giant T-Mobile discloses a security breach that impacted both its employees and customers alike. The attackers gained access to "certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees."
J.Crew
March 3, 2020
•[ hack, retail ]
Clothing giant J.Crew says an unknown number of customers had their online accounts accessed "by an unauthorized party" in or around April 2019.
Tesco
March 2, 2020
•[ hack, brute-force, retail ]
Tesco issues new cards to 600,000 Clubcard account holders after a credential stuffing attack.
Digitex
February 29, 2020
•[ hack, finance ]
A hacker dubbed Digileaker claims to have stolen the data related to 8,000 Digitex users.
Munson Healthcare Group
February 28, 2020
•[ hack, phishing, healthcare ]
Munson Healthcare Group discloses that hackers gained access to patient data placed by compromising the email accounts of at least two employees. Patient records were accessed from July 31, 2019, to October 22, 2019, but the breach went undetected until January 16, 2020.
OKEx
February 27, 2020
•[ hack, ddos, finance ]
OKEx and Bitfinex suffered simultaneous distributed denial of service (DDoS) attacks.
AnimeGame
February 27, 2020
•[ hack, technology ]
In February 2020, the gaming website AnimeGame suffered a data breach. The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes. The data was subsequently shared on a popular hacking forum and was provided to HIBP by dehashed.com.
Bretagne Tcom
February 26, 2020
•[ ransomware, hack, malware ]
Cloud services provider Bretagne T l com is hacked by the threat actors behind the DoppelPaymer Ransomware using CVE-2019-19781.
Sachs Sax Caplan, P.L.
February 26, 2020
•[ hack ]
Sachs Sax Caplan, P.L. announces that an unauthorized third-party has gained access to certain systems and email accounts.
Ordnance Survey
February 24, 2020
•[ hack, government ]
A hacker stole the personal data of 1,000 employees of the Ordnance Survey, the government-owned mapping agency for Britain. The breach occurred on January this year.
German PayPal users
February 24, 2020
•[ financial, hack, finance ]
According to multiple reports, a critical PayPal vulnerability is behind thefts over recent days from numerous German PayPal users (fraudulent transactions with U.S. stores).
Secretariat of the Economy of Mexico
February 23, 2020
•[ hack, government ]
Mexico's economy ministry detects a cyber attack on some of its servers.
Coinhako
February 21, 2020
•[ hack, finance ]
Coinhako is hit by a sophisticated attack.
TrueFire
February 21, 2020
•[ hack, education ]
In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to HIBP by dehashed.com.
VibrantCare Rehabilitation
February 20, 2020
•[ hack, healthcare ]
VibrantCare Rehabilitation notifies 1,655 patients after an employee's email account is accessed.
MGM Resorts
February 19, 2020
•[ hack ]
The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week.
United Regional Health Care System
February 19, 2020
•[ hack, phishing, education ]
United Regional Health Care System discloses an incident that occurred last July when someone accessed an employee email account. 2,000 individuals are affected.
PaperlessPay Corporation
February 18, 2020
•[ hack, finance ]
PaperlessPay Corporation, an e-pay vendor, discovers to have been hacked on February 18, putting at risk the identity of multiple customers.
Government data center in Rwanda
February 18, 2020
•[ hack, government ]
A Rwandan data centre that hosts servers related to the country's government is taken down by hackers.
Neebs Gaming YouTube channel
February 15, 2020
•[ hack, social, technology ]
Neebs Gaming, a highly popular YouTube gaming channel is hacked by unidentified crypto scammers, who change its name and banner to Coinbase Pro to collect Bitcoin from its viewers/subscribers.
