2,347 US Army personals
June 23, 2016
•[ leak, government ]
As part of #OpSilence, Ghost Squad Hackers publish a file containing data of 2,437 US Army personals including names, emails, phone numbers, full addresses, credit card data.
DAC Group
June 9, 2016
•[ leak, technology ]
DAC Group suffers a security breach resulting in data theft of 93,000 customer accounts. The data also contains 77,000 accounts from State Farm, an insurance company.
Wesizwe
June 3, 2016
•[ leak, energy ]
In name of #OpAfrica, the Anonymous dump online data claimed to come from a database obtained from Wesizwe.
Badoo
June 2, 2016
•[ leak, technology ]
User accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth.
ForumCommunity
June 1, 2016
•[ leak, misconfiguration, technology ]
In approximately mid-2016, the Italian-based service for creating forums known as ForumCommunity suffered a data breach. The incident impacted over 776k unique email addresses along with usernames and unsalted MD5 password hashes. No response was received from ForumCommunity when contacted.
Zameen
May 28, 2016
•[ hack, leak ]
A Bangladeshi hacker going with the handle of Tiger Mate hacks and defaces one of Pakistan's largest real estate websites Zameen.com. The hacker also leaks the site's entire database online.
Teracod
May 28, 2016
•[ leak, technology ]
In May 2015, almost 100k user records were extracted from the Hungarian torrent site known as Teracod. The data was later discovered being torrented itself and included email addresses, passwords, private messages between members and the peering history of IP addresses using the service.
Arkansas Library Association
May 26, 2016
•[ leak, education ]
The Caliphate Cyber Army (CCA) leaks details of 800 library workers from the Arkansas Library Association (ALA).
Sindicat de Mossos d'Esquadra
May 20, 2016
•[ hack, leak, government ]
Phineas Fisher, the hacker behind the Gamma International and Hacking Team breaches hacks the Sindicat de Mossos d'Esquadra (the Catalan police union), publishes personal information about police officers (including their badge numbers), and hijacks their Twitter account.
Regpack
May 20, 2016
•[ leak, misconfiguration, finance ]
In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as Regpack was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled Someone just lost 324k payment records, complete with CVVs.
33 Turkish Hospitals
May 18, 2016
•[ leak, healthcare ]
Hacker(s) claiming to be part of Anonymous post online a link pointing to a 2GB archive containing personal records stolen from 33 Turkish hospitals.
Avention
May 13, 2016
•[ leak, technology ]
Avention, investigate data breaches affecting personal information of its employees.
University of Limpopo
May 13, 2016
•[ hack, leak, education ]
New World Hackers (NWH), one of the hacking crews participating in the Anonymous #OpAfrica campaign, leak data obtained after hacking and then defacing the website of the University of Limpopo from the town of Polokwane, South Africa.
Tumblr
May 12, 2016
•[ leak, technology ]
65 million passwords of Tumblr are on sell on the underground. The company admitted to have suffered a breach on May 12.
Unnamed adult forum
May 12, 2016
•[ hack, leak, technology ]
An unnamed porn forum is hacked and details of 100,000 members leaked.
UserVoice
May 9, 2016
•[ leak, technology ]
UserVoice admits to have suffered a cyberattack in April which has exposed sensitive data belonging to a small subset of users with administrator or contributor status (0.001%).
Shotbow
May 9, 2016
•[ leak, technology ]
In May 2016, the multiplayer server for Minecraft service Shotbow announced they'd suffered a data breach. The incident resulted in the exposure of over 1 million unique email addresses, usernames and salted SHA-256 password hashes.
UAE Investbank
May 6, 2016
•[ financial, leak, finance ]
A 10GB file has been published online that purports to hold sensitive financial data on tens of thousands of customers belonging to UAE Investbank. A Turkish group dubbed Bozkurt claims responsibility for the attack.
Boris Dobrodeev
May 6, 2016
•[ leak, technology ]
Hacktivists from the Anonymous collective leak what could be the email inbox of Boris Dobrodeev, the former boss of Russian social network VK, previously known as VKontakte.
Nulled.IO
May 6, 2016
•[ leak, sqlinjection, technology ]
The Nulled.IO forum is compromised and its data consequently leaked, consisting of a 9.45GB SQL file.
