Google
July 3, 2017
•[ leak, technology ]
In the wake of the breach that occurred at Sabre Hospitality Solutions earlier in May, the personal details of a small number of Google staffers have been exposed, according to a notification letter Google sends out to affected employees.
8tracks
June 27, 2017
•[ leak, technology ]
Motherboard reveals that millions of accounts for internet radio service 8tracks are being traded on the digital underground. The total number of affected accounts could be as high as 18 million.
Microsoft
June 23, 2017
•[ leak, technology ]
A massive trove of Microsoft's internal Windows 10 operating system builds and portions of its core source code (a total of 32TB) are leaked online.
Exposed VINs
June 5, 2017
•[ leak, misconfiguration, automotive ]
In June 2017, an unsecured database with more than 10 million VINs (vehicle identification numbers) was discovered by researchers. Believed to be sourced from US car dealerships, the data included a raft of personal information and vehicle data along with 397k unique email addresses.
Hotels
June 3, 2017
•[ leak, misconfiguration, retail ]
Hotels.com sends an email to some customers advising that their username, password, email address, and the last four digits of stored credit card numbers were potentially stolen last month (between may 22 and 29).
Good Choice (hotel reservation app)
June 1, 2017
•[ hack, leak, technology ]
Hackers suspected of breaching a popular South Korean mobile app and stealing the personal data of more than 990,000 are arrested by local police in Korea.
Blackburn High School
May 19, 2017
•[ leak, misconfiguration, education ]
Police investigate a major privacy breach at Blackburn High School, which saw the personal information of families, including their phone numbers, addresses and Medicare details, published online.
Bell (2017 breach)
May 15, 2017
•[ leak, insider, telecommunications ]
In May 2017, the Bell telecommunications company in Canada suffered a data breach resulting in the exposure of millions of customer records. The data was consequently leaked online with a message from the attacker stating that they were "releasing a significant portion of Bell.ca's data due to the fact that they have failed to cooperate with us" and included a threat to leak more. The impacted data included over 2 million unique email addresses and 153k survey results dating back to 2011 and 2012. There were also 162 Bell employee records with more comprehensive personal data including names, phone numbers and plain text "passcodes". Bell suffered another breach in 2014 which exposed 40k records.
Edmodo
May 11, 2017
•[ leak, hack, education ]
In May 2017, the education platform Edmodo was hacked resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.
Reincubate
May 11, 2017
•[ leak, misconfiguration, technology ]
In October 2020, the app data company Reincubate suffered a data breach which exposed a backup from November 2017 (the newest record in the data appeared several months earlier). The data included over 616k unique email addresses, names and passwords stored as PBKDF2 hashes.
Charlotte Flair, Victoria
May 4, 2017
•[ leak ]
WWE divas Charlotte Flair and Victoria are the latest victims of the Celebgate leak.
City of Fitchburg
May 2, 2017
•[ leak, government ]
Fitchburg, Mass. city officials report that the Social Security numbers of 1,800 residents were compromised during a data breach that was discovered on April 14, but took place more than three years ago.
Ciphr
April 26, 2017
•[ leak, technology ]
Customer data from encrypted phone company Ciphr is dumped online.
R2Games
April 25, 2017
•[ hack, leak ]
Online gaming company Reality Squared Games (R2Games) is hacked for the second time in two years and more than one million accounts are compromised. Leaked data includes usernames, passwords, email addresses, IP addresses, and other optional record fields.
Fashion Fantasy Game
April 20, 2017
•[ leak, technology ]
A 2016 data breach leaves Fashion Fantasy Game, an online game and social network for fashion lovers, with millions of user account credentials being leaked on the web.
AQA (Assessment and Qualifications Alliance)
April 12, 2017
•[ leak, education ]
Data relating to 64,000 current and former examiners stored on some of AQA's online systems are stolen by attackers, including examiners' name, address, personal phone numbers, and passwords.
Youku
April 12, 2017
•[ leak, technology ]
A dark web vendor going by the handle of CosmicDark sells a database containing 100,759,591 user accounts stolen from of Youku Inc., a popular video service in China.
IAAF
April 3, 2017
•[ leak, healthcare ]
IAAF, the governing body of global athletics says it has suffered a cyber attack that it believes has compromised information about athletes' medical records.
Appartoo
March 25, 2017
•[ leak, technology ]
In March 2017, the French Flatsharing site known as Appartoo suffered a data breach. The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes. Appartoo advised that all subscribers were notified of the incident in early 2017.
Health Now Networks
March 25, 2017
•[ leak, misconfiguration, healthcare ]
In March 2017, the telemarketing service Health Now Networks left a database containing hundreds of thousands of medical records exposed. There were over 900,000 records in total containing significant volumes of personal information including names, dates of birth, various medical conditions and operator notes on the individuals' health. The data included over 320k unique email addresses.
