ENTSO-E
March 9, 2020
•[ hack, energy ]
The European Network of Transmission System Operators for Electricity (ENTSO-E), says that its IT network had been compromised in a "cyber intrusion."
TrueFire
March 9, 2020
•[ hack, malware, education ]
The popular online guitar tutoring website TrueFire suffers a 'Magecart' attack that might have exposed customers' personal information and payment card data.
University of Kentucky
March 8, 2020
•[ hack, malware, education ]
The University of Kentucky and UK HealthCare discovers that is suffered a malware attack aimed to install cryptominers.
BJC HealthCare
March 6, 2020
•[ hack, phishing, healthcare ]
BJC HealthCare warns patients that their information may have been exposed after it discovered someone gained unauthorized access to three employee email accounts on March 6.
Boots
March 4, 2020
•[ hack, brute-force, retail ]
Boots suspends payments using loyalty points in shops and online after attempts to break into customers' accounts using stolen passwords.
T-Mobile
March 4, 2020
•[ hack, technology ]
US telecommunications giant T-Mobile discloses a security breach that impacted both its employees and customers alike. The attackers gained access to "certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees."
J.Crew
March 3, 2020
•[ hack, retail ]
Clothing giant J.Crew says an unknown number of customers had their online accounts accessed "by an unauthorized party" in or around April 2019.
Tesco
March 2, 2020
•[ hack, brute-force, retail ]
Tesco issues new cards to 600,000 Clubcard account holders after a credential stuffing attack.
Digitex
February 29, 2020
•[ hack, finance ]
A hacker dubbed Digileaker claims to have stolen the data related to 8,000 Digitex users.
Munson Healthcare Group
February 28, 2020
•[ hack, phishing, healthcare ]
Munson Healthcare Group discloses that hackers gained access to patient data placed by compromising the email accounts of at least two employees. Patient records were accessed from July 31, 2019, to October 22, 2019, but the breach went undetected until January 16, 2020.
AnimeGame
February 27, 2020
•[ hack, technology ]
In February 2020, the gaming website AnimeGame suffered a data breach. The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes. The data was subsequently shared on a popular hacking forum and was provided to HIBP by dehashed.com.
OKEx
February 27, 2020
•[ hack, ddos, finance ]
OKEx and Bitfinex suffered simultaneous distributed denial of service (DDoS) attacks.
Bretagne Tcom
February 26, 2020
•[ ransomware, hack, malware ]
Cloud services provider Bretagne T l com is hacked by the threat actors behind the DoppelPaymer Ransomware using CVE-2019-19781.
Sachs Sax Caplan, P.L.
February 26, 2020
•[ hack ]
Sachs Sax Caplan, P.L. announces that an unauthorized third-party has gained access to certain systems and email accounts.
Ordnance Survey
February 24, 2020
•[ hack, government ]
A hacker stole the personal data of 1,000 employees of the Ordnance Survey, the government-owned mapping agency for Britain. The breach occurred on January this year.
German PayPal users
February 24, 2020
•[ financial, hack, finance ]
According to multiple reports, a critical PayPal vulnerability is behind thefts over recent days from numerous German PayPal users (fraudulent transactions with U.S. stores).
Secretariat of the Economy of Mexico
February 23, 2020
•[ hack, government ]
Mexico's economy ministry detects a cyber attack on some of its servers.
TrueFire
February 21, 2020
•[ hack, education ]
In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to HIBP by dehashed.com.
Coinhako
February 21, 2020
•[ hack, finance ]
Coinhako is hit by a sophisticated attack.
VibrantCare Rehabilitation
February 20, 2020
•[ hack, healthcare ]
VibrantCare Rehabilitation notifies 1,655 patients after an employee's email account is accessed.
