Dnipropetrovsk Department of Law Enforcement
August 9, 2014
•[ hack, leak, espionage ]
Pro Russian Hacker collective CyberBerkut accesses the information resources of the regional department of the military law and order service in Dnipropetrovsk and leaks some private correspondence.
Penn State College of Medicine
July 10, 2014
•[ leak, malware, education ]
1176 Penn State College of Medicine alumni's Social Security numbers might have been compromised after malware was found on a university computer.
Denmark's Socialist Party
June 11, 2014
•[ leak, government ]
The Danish branch of the infamous collective Anonymous targets Denmark's Socialist Party (Socialistisk Folkeparti) for signing and passing mass Internet surveillance bill and leaks logins and SSNs of a couple of dozens of members.
Manga Traders
June 9, 2014
•[ leak, misconfiguration, technology ]
In June 2014, the Manga trading website Mangatraders.com had the usernames and passwords of over 900k users leaked on the internet (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.
Office
May 29, 2014
•[ leak, retail ]
UK shoe retailer Office sends its customers an email, explaining that it has suffered a serious security breach. Information accessed includes customers' names, addresses, birth date and month (but not year), password and phone number of accounts created prior to August 2013.
Fridae
May 2, 2014
•[ leak, misconfiguration, technology ]
In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as "Fridae". The attack which was announced on Twitter appears to have been orchestrated by Deletesec who claim that "Digital weapons shall annihilate all secrecy within governments and corporations". The exposed data included password stored in plain text.
DeKalb Health
April 29, 2014
•[ leak, healthcare ]
Dekalb Health notifies that 1,361 records including a mix of names, Social Security numbers, dates of birth, credit card numbers, addresses, phone numbers, passwords, email addresses, insurance information, service types, and other details have been compromised.
NextGenUpdate
April 22, 2014
•[ leak, technology ]
Early in 2014, the video game website NextGenUpdate reportedly suffered a data breach that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.
University of Virginia
April 21, 2014
•[ leak, education ]
University of Virginia (1 million files leaked).
University of Pittsburgh Medical Center
April 17, 2014
•[ leak, healthcare ]
UPMC (University of Pittsburgh Medical Center) reveals the real dimension of a data breach it suffered. Personal information for as many as 27,000 workers might have been compromised.
LaCie
April 15, 2014
•[ leak, malware, technology ]
LaCie confirms in a statement that malware successfully made its way through to access sensitive customer information stemming from transactions on its website. Virtually everyone who shopped on LaCie's website in the last year is at risk.
Anonymous
April 13, 2014
•[ hack, leak, espionage ]
Israeli hackers attacked computers belonging to Anonymous and allied hacker groups, taking pictures with exploited webcams and posting the photos online.
CafeMom
April 10, 2014
•[ leak, technology ]
In 2014, the social network for mothers CafeMom suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.
Cerberus
March 28, 2014
•[ leak, technology ]
Over 96,000 users of the Cerberus anti-theft application for Android are advised to change their passwords after the company suffered a data breach.
Quantum Booter
March 18, 2014
•[ leak, ddos, technology ]
In March 2014, the booter service Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users were performing against online adversaries, including the IP addresses of those using the service to mount DDoS attacks.
JCM Partners
March 6, 2014
•[ leak, misconfiguration ]
Real estate management company JCM Partners notifies an undisclosed number of housing applicants that their personal information has been exposed online.
Church of Cyprus
March 5, 2014
•[ hack, leak ]
The hacker @security_511 hacks the Church of Cyprus website (churchofcyprus.org.cy) and dumps 1,476 user account credentials with full names, email addresses and encrypted passwords.
Kaiser Permanente
February 28, 2014
•[ leak, malware, healthcare ]
Health services provider Kaiser Permanente notifies roughly 5,100 members that their personal information may be at risk after malware was discovered on a server used by the Kaiser Permanente Northern California Division of Research.
Alaska Communications
February 27, 2014
•[ leak, malware, technology ]
Alaska Communications notifies an undisclosed number of current and former employees that their names, addresses, birthdates and Social Security numbers may have been exposed when a company computer was infected with a malware.
Spirol International
February 21, 2014
•[ leak, manufacturing ]
Yet another attack by @DeleteSec. This time the victim is Spirol International (spirol.com) and as a result over 70,889 of the company's affected credentials are leaked online.
