IIMJobs
December 31, 2018
•[ hack, leak, misconfiguration ]
In December 2018, the Indian job portal IIMJobs suffered a data breach that exposed 4.1 million unique email addresses. The data also included names, phone numbers, geographic locations, dates of birth, job titles, job applications and cover letters plus passwords stored as unsalted MD5 hashes. The data was provided to HIBP by dehashed.com.
BannerBit
December 29, 2018
•[ leak, technology ]
In approximately December 2018, the online ad platform BannerBit suffered a data breach. Containing 213k unique email addresses and plain text passwords, the data was provided to HIBP by a third party. Multiple attempts were made to contact BannerBit, but no response was received.
Hayley Atwell
December 24, 2018
•[ hack, leak ]
"Captain America" actress Hayley Atwell's nude photos are allegedly hacked and those behind it threatened to release the images, according to reports.
British Post Office
December 23, 2018
•[ leak, government ]
A threat actor compromised the British Post Office and local government networks, stealing personal data including email addresses and mobile phone numbers of thousands of employees.
Borough of Westwood
December 22, 2018
•[ leak, government ]
The borough of Westwood, discloses a data breach that began in December 2018.
Click2Gov
December 18, 2018
•[ leak, government ]
According to a new report published by Gemini Advisory, in the wake of the Click2Gov breach, at least 294,929 payment records have been compromised in 46 U.S. cities and sold in the Dark Web.
NASA
December 18, 2018
•[ leak, government ]
NASA alerts its employees of a possible compromise of NASA servers containing personally identifiable information. The breach was discovered on October 23, and affects NASA Civil Service employees from July 2006 through October 2018.
Ajarn
December 13, 2018
•[ leak, education ]
In September 2021, the Thai-based English language teaching website Ajarn discovered they'd been the victim of a data breach dating back to December 2018. The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information. Hashed passwords were also impacted in the breach.
Ramsey County Social Services
December 11, 2018
•[ leak, government ]
A cyber attack on the Ramsey County Social Services, occurred in August, may have compromised hundreds of clients' private health information.
Mappery
December 11, 2018
•[ leak, misconfiguration, technology ]
In December 2018, the mapping website Mappery suffered a data breach that exposed over 205k unique email addresses. The incident also exposed usernames, the geographic location of the user and passwords stored as unsalted SHA-1 hashes. No response was received from Mappery when contacted about the incident.
