Nikkei Inc.
May 8, 2020
•[ leak, malware, technology ]
Nikkei Inc. announces that personal information on a total of 12,514 people had been leaked after a computer used by a group company employee was infected with a virus in an apparent cyberattack.
HomeChef
May 8, 2020
•[ leak, misconfiguration, retail ]
A database with 8 million records belonging to the meal kit delivery service HomeChef is put on sale on the dark web.
MobiFriends
May 7, 2020
•[ leak, technology ]
The personal details of 3,688,060 users registered on the MobiFriends dating app are posted online and available for download. The data was obtained in a security breach that took place in January 2019.
Central California Alliance for Health
May 7, 2020
•[ leak, healthcare ]
The Central California Alliance for Health (the Alliance) announced Tuesday it recently become aware of a data security breach that may have resulted in the unintentional disclosure of member health information.
StorEnvy
May 7, 2020
•[ leak, hack, retail ]
The e-commerce website StorEnvy is hacked and as a result, personal details of over 1.5 million customers and merchants are leaked online.
44 million Pakistani mobile subscribers
May 6, 2020
•[ leak, technology ]
The details of 44 million Pakistani mobile subscribers are leaked online.
Bukalapak
May 4, 2020
•[ leak, retail ]
The data of 13 million users of the e-commerce platform Bukalapak are posted on a dark web forum, despite the company denying the breach.
Chronicle
May 3, 2020
•[ leak, education ]
Chronicle.com, a news source for higher education, is the latest victim to have a database dumped from the ShinyHunters collective (3 million records).
UseNeXT
April 29, 2020
•[ leak, technology ]
UseNeXT and Usenet.nl, two companies that provide Usenet services, disclose security breaches today, blaming the breaches on "a security vulnerability at a partner company."
Aeries Student Information Systems
April 27, 2020
•[ leak, education ]
Multiple school districts are impacted by a breach of Aeries Student Information Systems that occurred in November 2019.
Huiying Medical Technology
April 25, 2020
•[ leak, technology ]
Researchers from Cyble identify a threat actor attempting to sell Huiying Medical Technology's source code for AI-assisted COVID-19 detection and experimental data.
Valve
April 22, 2020
•[ leak, technology ]
The source code of Valve's Team Fortress 2 and Counter-Strike: Global Offensive games was leaked.
Benefit Recovery Specialists, Inc.
April 20, 2020
•[ leak, misconfiguration, finance ]
The personal data of 274,837 has been exposed after a data breach at Benefit Recovery Specialists, Inc., a Texas-based billing and collection company.
Webkinz World
April 18, 2020
•[ leak, hack ]
A hacker leaks the usernames and passwords of nearly 23 million players of Webkinz World, an online children's game managed by Canadian toy company Ganz.
Aptoide
April 17, 2020
•[ leak, technology ]
A hacker leaks the details of 20 million users of Aptoide, a third-party app store for Android applications.
Tokopedia
April 17, 2020
•[ leak, retail ]
In April 2020, Indonesia's largest online store Tokopedia suffered a data breach. The incident resulted in 15M rows of data being posted to a popular hacking forum. An additional 76M rows were later provided to HIBP in July 2020. In total, the data included over 71M unique email addresses alongside names, genders, birth dates and passwords stored as SHA2-384 hashes.
Doctors based in the US
April 12, 2020
•[ leak, healthcare ]
A cybercriminal is selling the personal and contact details of 1.41 million doctors based in the United States.
Quidd
April 10, 2020
•[ leak, retail ]
Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, appears to have suffered a data breach in 2019, and the details of around four million users are now being shared for free on underground hacking forums.
Niazpardaz[.]ir
April 9, 2020
•[ leak, misconfiguration, technology ]
Someone is selling the personal details of 45,000 Iranians on the dark web. The data appears to have been taken from several sites including Niazpardaz[.]ir and Arzi24[.]com.
Vianet
April 8, 2020
•[ hack, leak, technology ]
In April 2020, the Nepalese internet service provider Vianet suffered a data breach. The attack on the ISP led to the exposure of 177k customer records including 94k unique email addresses. Also exposed were names, phone numbers and physical addresses.
