Pellissippi State Community College
February 4, 2019
•[ leak, misconfiguration, education ]
More than 200 current and former students of Pellissippi State Community College could be in danger of identity theft because an unauthorized user had access to their personal information.
devkitPro
February 3, 2019
•[ leak, misconfiguration, technology ]
In February 2019, the devkitPro forum suffered a data breach. The phpBB based forum had 1,508 unique email addresses exposed in the breach alongside forum posts, private messages and passwords stored as weak salted hashes. The data breach was self-submitted to HIBP by the forum operator.
Houzz
January 31, 2019
•[ leak, technology ]
Home improvement startup Houzz informs its users that it suffered a data breach in December 2018. The company has not provided details about the occurrence but contacted its users to encourage them to change their passwords as a precautionary measure.
Youthmanual
January 31, 2019
•[ leak, education ]
In January 2019, the Indonesian college and career platform Youthmanual suffered a data breach that exposed 1.1M records of data. The breached included 938k unique email addresses along with extensive personal information including names, genders, dates and places of birth, phone numbers, physical addresses and salted SHA-1 password hashes.
Airbus
January 30, 2019
•[ hack, leak, manufacturing ]
Airbus says it detected a cyber attack on its information systems which resulted in a data breach but it said the incident did not affect its commercial operations.
BenefitMall
January 29, 2019
•[ hack, leak, technology ]
Delaware's Department of Insurance announces that 650 residents and 5 companies located within the state are impacted by a 2018 data breach of BenefitMall, an HR services administrator. An employee email was compromised between June 2018 and October 11.
Vale
January 29, 2019
•[ leak, energy ]
The Brazilian multinational mining company Vale is hacked and confidential internal documents are leaked (about 40 thousand files in a 500 MB folder).
Universiti Teknologi Mara (UiTM)
January 25, 2019
•[ leak, misconfiguration, education ]
A total of 1,164,540 records, belonging to students at Universiti Teknologi Mara (UiTM) between 2000 and 2018 are leaked online. According to sources, the data happened between February and March 2018.
Discover Financial Services
January 25, 2019
•[ leak, finance ]
Discover Financial Services reveals that on August 13, 2018, an undisclosed number of Discover card accounts might have been part of a data breach to occurred to a merchant.
ixigo
January 3, 2019
•[ leak, misconfiguration, technology ]
In January 2019, the travel and hotel booking site ixigo suffered a data breach. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".
China Railway
January 2, 2019
•[ leak, misconfiguration ]
Data thieves steal the personal information of nearly 5 million people from an unconfirmed number of Chinese online ticket reservation platforms, according to Beijing police, who arrested a suspect in the case.
Victorian government
January 1, 2019
•[ leak, phishing, government ]
The work details of 30,000 Victorian public servants have been stolen in a data breach, after part of the Victorian Government directory was downloaded by an unknown party after an employee's email account is compromised.
Royal Enfield
January 1, 2019
•[ leak, misconfiguration, automotive ]
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over 400k customers. The impacted data included email and physical addresses, names, motorcycle information, social media profiles, passwords, and other personal information. The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
