OneLogin
May 31, 2017
•[ hack, misconfiguration, technology ]
OneLogin reveals the details about an attack on its systems, confirming that a "threat actor" has accessed database tables including "information about users, apps, and various types of keys." The attacker was been able to rifle through OneLogin's infrastructure for seven hours.
Road Sign in Houston
May 30, 2017
•[ hack, misconfiguration, government ]
Someone hacks a road sign in Houston with a message against Donald Trump.
Liverpool One Shopping Centre
May 30, 2017
•[ hack, retail ]
Liverpool One shopping centre is forced to shut down a slew of digital billboards after an unknown hacker tampers with the signage.
Fast Health
May 28, 2017
•[ hack, misconfiguration, healthcare ]
Fast Health reports a security breach that could affect over 700 of their patients, when a third-party altered a code on their server, stealing the credit card information of close to 700 customers who paid bills online from January 14, 2016 to December 20, 2016.
Prairie Mountain Health
May 27, 2017
•[ hack, healthcare ]
The personal and medical information of more than 1,000 Prairie Mountain Health patients are at risk after an internal website is hacked.
Wooster-Ashland Regional Council of Governments
May 26, 2017
•[ hack, government ]
The Wooster-Ashland Regional Council of Governments computer network is hacked and more than 200,000 records in are compromised.
University of Wisconsin Health
May 25, 2017
•[ hack, phishing, healthcare ]
UW Health says that 2,036 patients had information compromised after an employee's email account was used by an unauthorized user on March 28, 2017.
The Harvard Crimson
May 25, 2017
•[ hack, misconfiguration, education ]
The website of Harvard's 144-year-old newspaper is defaced and posts fake stories and an altered picture of Facebook CEO Mark Zuckerberg (who was visiting the institution).
Salem State University Twitter Account
May 20, 2017
•[ hack, education ]
Salem State University officials apologize after several racist tweets (against Black Lives Matter) were sent out when the school's Twitter account was hacked (@SalemState).
DaFont
May 18, 2017
•[ hack, technology ]
The popular font sharing site DaFont.com is hacked, exposing the site's entire database of 699,464 user accounts.
Panic
May 18, 2017
•[ hack, malware, technology ]
Apple app maker Panic's CEO Steven Frank says he mistakenly downloaded the malware-laced DVD-ripping app HandBrake resulting in some of the company's source code being stolen.
University of California Los Angeles
May 18, 2017
•[ hack, education ]
UCLA reports a cyberattack against a Summer Sessions & International Education Office server that contains personal information provided by students. The attack happened on May 18 and affects potentially up to 32,000 students.
Zomato
May 17, 2017
•[ hack, technology ]
In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
Bell Canada
May 16, 2017
•[ hack, technology ]
Bell Canada says that 1.9 million customer account details have been stolen by unknown hackers, although no payment card numbers or passwords have been taken.
DaFont
May 16, 2017
•[ hack, sqlinjection, technology ]
In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.
Tiong Bahru Plaza
May 12, 2017
•[ hack, retail ]
Message Manipulation; Data Attack
Edmodo
May 11, 2017
•[ leak, hack, education ]
In May 2017, the education platform Edmodo was hacked resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.
Cedexis
May 10, 2017
•[ hack, ddos, technology ]
A DDos attack against Cedexis knocks out several major French news websites including Le Monde and Le Figaro.
Confluence Charter Schools
May 6, 2017
•[ hack, education ]
The network servers for Confluence Charter Schools are hacked, but school leadership say there is no evidence that student or employee data have been compromised.
Debenhams
May 5, 2017
•[ hack, malware, retail ]
Malware infects the backend systems used by British high street chain Debenhams, and steals 26,000 people's personal information in the process. The hack happened after compromising the systems at Ecomnova, the firm that runs the Debenhams Flowers business, for more than six weeks.
