Caribou Coffee
December 20, 2018
•[ hack, malware, retail ]
US coffee store chain Caribou Coffee announces a security breach after it discovered unauthorized access of its POS systems. The breach was discovered on November 28, and the company listed 239 stores of its total 603 locations as impacted.
SAIPEM
December 20, 2018
•[ hack, malware, energy ]
An attack on the Italian oil firm Saipem targeted servers based in India, Kuwait, Saudi Arabia, Scotland, and the United Arab Emirates. Hackers used a variant of the Shamoon virus.
Warby Parker
December 20, 2018
•[ hack, brute-force, retail ]
Warby Parker discloses that roughly 198,000 of its customers may have been affected by a credential stuffing attack targeting the eyeglass retail chain. The unauthorized activity started on Sept. 25 and continued through late November.
California Department of Consumer Affairs
December 19, 2018
•[ hack, malware, government ]
The California Department of Consumer Affairs suffers a malware attack, affecting workstations and disrupting computer networks.
The Wall Street Journal's website
December 17, 2018
•[ hack, misconfiguration, technology ]
The Wall Street Journal's website is defaced with a post containing a fake apology supporting YouTube megastar PewDiePie, previously accused of antisemitism by the same paper.
CCRM Dallas-Fort Worth
December 16, 2018
•[ hack, healthcare ]
CCRM Dallas-Fort Worth becomes aware of a potential data security incident that may have resulted in the inadvertent exposure of patients' personal and health information, after a former nurse's email account is hacked.
Schenectady County
December 13, 2018
•[ hack, malware, government ]
Schenectady County, shuts down its government website after a cyberattack via malware.
French Ministry of Europe and Foreign Affairs
December 13, 2018
•[ hack, government ]
The personal information of 540,563 individuals is stolen from an emergency contact database after the website of the French Ministry of Europe, and Foreign Affairs is hacked.
Wanelo
December 13, 2018
•[ hack, retail ]
In approximately December 2018, the digital mall Wanelo suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
Baylor Scott & White Medical Center
December 10, 2018
•[ financial, hack, healthcare ]
Baylor Scott & White Medical Center notifies approximately 47,000 patients or guarantors that their payment information, including partial credit card information, may have been subject to a computer intrusion to a third-party credit card processing system.
SAIPEM
December 10, 2018
•[ hack, malware, energy ]
Italian oil services company SAIPEM is hit by a new version of the Shamoon malware. The attack started in India and hit the servers in Saudi Arabia, the United Arab Emirates and Kuwait. Fingers are pointed to Iran.
Titan Manufacturing and Distributing
December 7, 2018
•[ hack, malware, manufacturing ]
Titan Manufacturing and Distributing notifies consumers that its computer system had been compromised by malware during the period of November 23, 2017 to October 25, 2018.
City of Topeka
December 7, 2018
•[ hack, misconfiguration, government ]
Another possible Click2Gov breach: Topeka's third-party payment vendor is breached possibly exposing the personal information of about 10,000 residents.
BeatStars
December 4, 2018
•[ hack, technology ]
BeatStars, a marketplace for selling music production beats, is mass-defaced.
San Francisco State University
December 4, 2018
•[ hack, phishing, education ]
Dozens of San Francisco State University student accounts are hacked in a phishing attack.
National Republican Congressional Committee (NRCC)
December 4, 2018
•[ hack, government ]
Politico reveals that the emails of top NRCC officials were hacked in a major 2018 attack that occurred in April.
Prime Staff Inc.
December 4, 2018
•[ hack ]
Prime Staff Inc. joins the list of the companies hacked by TheDarkOverlord. Thousands of employees' files are stolen.
Caribbean Island Properties
December 4, 2018
•[ hack ]
Caribbean Island Properties is hacked by TheDarkOverlord.
Ukraine Telecommunications Network
December 4, 2018
•[ espionage, hack, technology ]
The Security Service of Ukraine (SBU) reveals to have stopped a "massive" cyberattack against the country's telecommunications network, and blames the Kremlin for the attempted hack.
Czech Ministry of Defense
December 3, 2018
•[ espionage, hack, government ]
The Czech Security Intelligence Service (BIS) says that two Russian-linked cyber-espionage groups have hacked into the Czech Republic's government networks during 2016 and 2017.
