visit-jy
March 18, 2016
•[ hack, leak, government ]
Hacktivists from KarmaSec hack the server of Japan's Yamaguchi Prefecture Tourism Promotion Division (visit-jy.com) and leak a trove of data protesting in animal cruelty in the country.
LAZ Parking
March 15, 2016
•[ leak, financial, hack ]
LAZ Parking reveals that tax and revenue information for about 14,000 employees may have been stolen by an "unknown individual.
West Bloomfield School District
March 11, 2016
•[ leak, education ]
West Bloomfield School District officials send an email to parents saying a security breach to their network exposed certain student information.
21st Century Oncology
March 10, 2016
•[ leak, healthcare ]
US cancer clinic 21st Century Oncology admits that a breach on its systems may have exposed private information on 2.2 million patients and employees. The breach happened in November 2015 but the FBI asked 21st Century to hold off from disclosing the incident until a thorough investigation had been completed.
Unnamed American Express third-party card processor
March 10, 2016
•[ leak, misconfiguration, finance ]
American Express warns some customers that their personal details may have been exposed due to a data breach of a third-party service provider.
Hawking Technology
March 8, 2016
•[ hack, leak, manufacturing ]
An unknown hacker hacks hawkingtech.com and dumps 12,548 records with usernamens and hashed passwords.
Whiting-Turner
March 8, 2016
•[ leak ]
Whiting-Turner notifies employees of a potential breach to a vendor.
GCI
March 4, 2016
•[ financial, leak, phishing ]
GCI notifies more than 2,500 employees that their W-2 forms were stolen in an apparent phishing scam in February.
Moneytree
March 4, 2016
•[ financial, phishing, social ]
Moneytree is the latest company to alert current and former employees that their tax data, including Social Security numbers, salary and address information, was accidentally handed over directly to scam artists.
Mate1
February 29, 2016
•[ leak, misconfiguration, technology ]
A hacker on the dark web forum Hell claims to have sold the email addresses and plaintext passwords of over 27 million users of dating site Mate1.com.
KM.RU
February 29, 2016
•[ leak, technology ]
In February 2016, the Russian portal and email service KM.RU was the target of an attack which was consequently detailed on Reddit. Allegedly protesting "the foreign policy of Russia in regards to Ukraine", KM.RU was one of several Russian sites in the breach and impacted almost 1.5M accounts including sensitive personal information.
primodominio
February 27, 2016
•[ hack, leak, technology ]
LulzSec Italia hacks primodominio.it and dumps 126,422 usernames and passwords.
Pharm-Olam International
February 23, 2016
•[ leak, healthcare ]
Pharm-Olam International starts notifying employees of a security incident that compromised their names, Social Security and income information.
Central Concrete Supply
February 23, 2016
•[ leak, manufacturing ]
Central Concrete Supply notifies its employers of a security incident that might have exposed their personal information.
Cincinnati Police Department
February 22, 2016
•[ leak, government ]
Members of Anon Verdict, a sub-division of the Anonymous hacker collective, leak the details for 52 officers and employees of the Cincinnati Police Department. The Police Department questions the validity of the hack.
York Hospital
February 22, 2016
•[ leak, healthcare ]
York Hospital reports a breach of 1,483 employees' identifying information.
Spotify
February 15, 2016
•[ hack, leak, technology ]
Hundreds of Spotify Premium account details are compromised and leaked online by an unknown hacker. A number of separate data dumps containing email addresses, passwords, account types and renewal dates appear online.
Turkish National Police (EMG)
February 15, 2016
•[ leak, government ]
A hacker known as ROR[RG] dump 17.8GB of information data from the Turkish National Police (EMG) servers. The leak allegedly happened two years ago.
V-Tight Gel
February 13, 2016
•[ leak, healthcare ]
In approximately February 2016, data surfaced which was allegedly obtained from V-Tight Gel (vaginal tightening gel). Whilst the data set was titled V-Tight, within there were 50 other (predominantly wellness-related) domain names, most owned by the same entity. Multiple HIBP subscribers confirmed that although they couldn't recall providing data specifically to V-Tight, their personal information including name, phone and physical address was accurate. V-Tight Gel did not reply to multiple requests for comment.
Bolivian Army
February 10, 2016
•[ leak, government ]
A group of hackers breach the official email servers belonging to the Bolivian Army, download emails, and dump some of the data online.
