Etherscan
July 23, 2018
•[ hack, xss, finance ]
Visitors of the popular Ethereum blockchain explorer Etherscan.io are shown a pop-up message showing "1337" indicating the website has been compromised.
Clark University
July 20, 2018
•[ hack, phishing, education ]
Clark University in Massachusetts notifies some students whose personal information, including Social Security Numbers, were in an employee's email account that had been accessed between March 19 and March 23rd, amid a phishing attack.
NorthStar Anesthesia
July 20, 2018
•[ hack, phishing, healthcare ]
NorthStar Anesthesia notifies patients after some employee email accounts are compromised between April 3 and May 24, 2018.
Boys Town National Research Hospital
July 20, 2018
•[ hack, phishing, healthcare ]
Boys Town National Research Hospital discloses data breach that may have exposed PHI on 105,309 individuals. The hospital, on May 23, discovered unusual activity relating to an employee's email account.
Golden Heart Administrative Professionals
July 20, 2018
•[ hack, healthcare ]
Golden Heart Administrative Professionals, a billing company and business associate of several healthcare providers in Alaska, notifies 44,600 individuals that some of their protected health information has potentially been accessed by unauthorized individuals.
Ochre Health Wollongong
July 20, 2018
•[ hack, healthcare ]
An unspecified cyber incident at Ochre Health Wollongong medical centre leaves patients without the possibility to access their patient data.
Liverpool FC
July 19, 2018
•[ hack, financial ]
Liverpool FC's fan database is hacked resulting in a serious data breach for around 150 supporters. The club confirms that season ticket holder information - including home addresses and bank details - were stolen from a club email account.
Adhoc
July 18, 2018
•[ hack ]
The website of Adhoc, a Cambodian rights group, is defaced.
LabCorp
July 16, 2018
•[ hack, healthcare ]
LabCorp, the US' biggest blood testing laboratories network, announces that hackers breached its IT network over the weekend.
Southern College of Optometry
July 16, 2018
•[ hack, healthcare ]
The Southern College of Optometry notifies an undisclosed number of students whose student loan information and Social Security numbers were in an employee email account that was hacked.
League of Legends Philippines'
July 15, 2018
•[ hack, malware, technology ]
League of Legends Philippines' confirms an unauthorized modification in their client lobby code resulting in the injection of the Coinhive Monero miner.
Pennsylvania Department of Health
July 13, 2018
•[ hack, government ]
A government spokesman reveals that the Pennsylvania Department of Health's birth certificate system was shut down for nearly a week last month after someone hacked into an internal website but did not take or alter citizens records.
Chlorine distillation plant in Ukraine
July 11, 2018
•[ hack, malware, energy ]
The Ukrainian Secret Service (SBU) reveals it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region. The SBU accuses Russia of operating the malware and launching the attack.
BP
July 11, 2018
•[ hack, retail ]
BP emails about 60,000 people who applied for jobs in its retail stores since 2008 to notify them they could have had their personal information accessed by hackers. The company originally thought about 10,000 applicants' data had been breached.
Major international airport
July 11, 2018
•[ hack, misconfiguration, technology ]
While researching underground hacker marketplaces, researchers from McAfee discover that access linked to security and building automation systems of a major international airport could be bought for only US$10.
Cambodian Ministry of Foreign Affairs and International Cooperation
July 10, 2018
•[ espionage, hack, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the Cambodian Ministry of Foreign Affairs and International Cooperation.
Cambodian People's Party
July 10, 2018
•[ espionage, hack, government ]
A threat actor has compromised political parties, as well as organizations charged with overseeing the 2018 Cambodian elections, for espionage purposes. The threat actors, who are likely Chinese, have also targeted Cambodian government organizations. One of the targets is the ruling Cambodian People's Party.
Animoto
July 10, 2018
•[ hack, technology ]
In July 2018, the cloud-based video making service Animoto suffered a data breach. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
Macy's Inc.
July 9, 2018
•[ hack, phishing, retail ]
Macy's Inc. warns customers that hackers compromised the login information of some users of the retailer's websites. The suspicious activity took place from April 26 to June 12. A third party obtained valid usernames and passwords through websites not related to macys.com.
Gas station in Detroit
July 9, 2018
•[ hack, misconfiguration, retail ]
Police in Detroit are looking into an apparent hack at a gas station that allowed people to steal more than 600 gallons of gas, valued at over $1,800. Authorities believe the thieves used some sort of remote device to take control of the pump.
