Deerfield, Michigan
March 25, 2021
•[ leak, government ]
Town of Deerfield suffers a data breach compromising resident personal information.
RDC
March 25, 2021
•[ leak, misconfiguration, automotive ]
RDC, a Dutch company that provides garage and maintenance services to Dutch car owners, confirms a data breach after the personal and vehicle details of 7.5 millions of Dutch car owners are posted for sale on a well-known cybercrime forum.
Dollar Bank
March 24, 2021
•[ leak, finance ]
Dollar Bank files a notice of data breach after learning that an unauthorized party was able to access confidential information belonging to Standard Bank customers before the two banks merged.
PCS Revenue Control Systems, Inc
March 24, 2021
•[ leak, education ]
PCS Revenue Control Systems, Inc notifies multiple schools to have suffered a data breach in December 2019. The list of victims include: Polk County Schools, Alachua County Schools, Dekalb Schools.
Avianis
March 23, 2021
•[ leak, misconfiguration, technology ]
Private aviation services provider Solairus Aviation announces that some employee and customer data was compromised in a security incident at third-party vendor Avianis.
PDI Group
March 23, 2021
•[ ransomware, leak, government ]
The Babuk ransomware gang leaks 700 GB of data belonging to PDI Group, a US military contractor.
Shell Oil Company
March 23, 2021
•[ leak, energy ]
Shell is affected by the Accellion breach.
California State Controller's Office (SCO)
March 20, 2021
•[ leak, phishing, government ]
The California State Controller's Office (SCO) reports that a phishing attack led to a data breach that exposed personnel files and email contacts for more than a day.
Liker
March 20, 2021
•[ leak, social ]
Liker.com, the anti-Trump social Network, is breached and around 400, records are leaked.
Individual Taxpayer Registry (CPF)
March 19, 2021
•[ hack, leak, government ]
Police have arrested the man suspected of hacking and disseminating the information of 223 million Brazilians, the largest leak in that country's history. The hacker reportedly accessed the data of companies such as the Individual Taxpayer Registry (CPF) and the Corporate Taxpayer Registry (CNPJ).
Carding Mafia (March 2021)
March 18, 2021
•[ leak, financial ]
In March 2021, the Carding Mafia forum suffered a data breach that exposed almost 300k members' email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes.
Sewell Family of Companies
March 17, 2021
•[ leak, retail ]
The Sewell Family of Companies (a car dealership organization) discloses a security breach.
Midlands News Association
March 17, 2021
•[ leak ]
The Midlands News Association confirms a "data security incident", which led to the personal information of former employees being published online.
IDC Games
March 15, 2021
•[ leak, hack, technology ]
In March 2021, 4 million records sourced from IDC Games were shared on a public hacking forum. The data included usernames, email addresses and passwords stored as salted MD5 hashes.
i-vic International
March 12, 2021
•[ leak, malware, administrative ]
A malware infects the email account of an employee at i-vic International, leading to the unauthorized access of the mailbox, which had personal data of the affected 30,000 individuals.
WeLeakInfo
March 11, 2021
•[ leak, technology ]
A user on a popular hacker forum is selling a database containing highly sensitive information of more than 24,000 customers of the now-defunct illegal online service WeLeakInfo.
Viverant PT
March 9, 2021
•[ leak, phishing, healthcare ]
Minnesota physical therapy office suffers data breach of patient personal information as a result of a compromised employee email.
Magnolia Independent School District
March 8, 2021
•[ leak, misconfiguration, education ]
Magnolia ISD is responding to a technology breach that occurred Sunday afternoon, school officials confirmed. The district said the unauthorized messages were shared via social media, text messages, emails and phone calls.
WeLeakInfo
March 8, 2021
•[ leak, misconfiguration, technology ]
In March 2021, the Stripe account of the now-defunct WeLeakInfo service was taken over by "pompompurin" after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who'd made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.
Crdclub
March 6, 2021
•[ hack, leak, finance ]
The Crdclub cybercrime forum is hacked and member data is leaked.
