Sindicat de Mossos d'Esquadra
May 20, 2016
•[ hack, leak, government ]
Phineas Fisher, the hacker behind the Gamma International and Hacking Team breaches hacks the Sindicat de Mossos d'Esquadra (the Catalan police union), publishes personal information about police officers (including their badge numbers), and hijacks their Twitter account.
Regpack
May 20, 2016
•[ leak, misconfiguration, finance ]
In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as Regpack was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled Someone just lost 324k payment records, complete with CVVs.
33 Turkish Hospitals
May 18, 2016
•[ leak, healthcare ]
Hacker(s) claiming to be part of Anonymous post online a link pointing to a 2GB archive containing personal records stolen from 33 Turkish hospitals.
Avention
May 13, 2016
•[ leak, technology ]
Avention, investigate data breaches affecting personal information of its employees.
University of Limpopo
May 13, 2016
•[ hack, leak, education ]
New World Hackers (NWH), one of the hacking crews participating in the Anonymous #OpAfrica campaign, leak data obtained after hacking and then defacing the website of the University of Limpopo from the town of Polokwane, South Africa.
Tumblr
May 12, 2016
•[ leak, technology ]
65 million passwords of Tumblr are on sell on the underground. The company admitted to have suffered a breach on May 12.
Unnamed adult forum
May 12, 2016
•[ hack, leak, technology ]
An unnamed porn forum is hacked and details of 100,000 members leaked.
UserVoice
May 9, 2016
•[ leak, technology ]
UserVoice admits to have suffered a cyberattack in April which has exposed sensitive data belonging to a small subset of users with administrator or contributor status (0.001%).
Shotbow
May 9, 2016
•[ leak, technology ]
In May 2016, the multiplayer server for Minecraft service Shotbow announced they'd suffered a data breach. The incident resulted in the exposure of over 1 million unique email addresses, usernames and salted SHA-256 password hashes.
UAE Investbank
May 6, 2016
•[ financial, leak, finance ]
A 10GB file has been published online that purports to hold sensitive financial data on tens of thousands of customers belonging to UAE Investbank. A Turkish group dubbed Bozkurt claims responsibility for the attack.
Boris Dobrodeev
May 6, 2016
•[ leak, technology ]
Hacktivists from the Anonymous collective leak what could be the email inbox of Boris Dobrodeev, the former boss of Russian social network VK, previously known as VKontakte.
Nulled.IO
May 6, 2016
•[ leak, sqlinjection, technology ]
The Nulled.IO forum is compromised and its data consequently leaked, consisting of a 9.45GB SQL file.
Nulled.cr
May 6, 2016
•[ hack, leak, technology ]
In May 2016, the cracking community forum known as Nulled.cr was hacked and 599k user accounts were leaked publicly. The compromised data included email and IP addresses, weak salted MD5 password hashes and hundreds of thousands of private messages between members.
hortinews.co.ke
May 1, 2016
•[ leak, misconfiguration, technology ]
42,000+ usernames and passwords appear in the dark web.
majorgeeks
May 1, 2016
•[ leak, technology ]
270,000 reccords from majorgeeks.com appear on the dark web.
Kenyan Ministry of Foreign Affairs (mfa.go.ke)
April 27, 2016
•[ leak, government ]
Anonymous In Kenya, leaks a trove of 1TB data from the Kenyan Ministry of Foreign Affairs.
Lucky Pet
April 27, 2016
•[ leak, retail ]
LuckyPet notifies the California State Attorney General's office of a data breach that compromised online customer information.
Goldcorp
April 26, 2016
•[ leak, energy ]
Hackers breach Goldcorp and leak a 14.8 GB torrent containing personal information.
Qatar National Bank
April 25, 2016
•[ leak, finance ]
Documents purporting to be from the Qatar National Bank are leaked on a file-sharing site Cryptome.org. According to Cryptome, the leaked file contains more than 15,000 documents detailing more than 100,000 accounts with passwords and PINs.
BeautifulPeople
April 25, 2016
•[ leak, technology ]
Forbes reveal that unknown hackers were able to hack Beautifulpeople.com and leak the personal details of 1.1M members.
