Yandy
September 9, 2014
•[ leak, retail ]
Yandy.com, an online retailer of women's lingerie and clothing, announces to have discovered a security breach, resulting in credit and debit card data of customers being exposed.
Score
September 4, 2014
•[ leak, misconfiguration, manufacturing ]
Score, a sport uniform manufacturer, discovers a potential unauthorized data breach occurred on September 4, 2014. 500 customers who shopped online may have been compromised.
McKayla Maroney
August 31, 2014
•[ leak ]
Yet another leak of celebrities pictures. A massive leak of nude and risque photos appearing to be of huge stars like is leaked online, first appearing on 4chan.
MangaGamer
August 29, 2014
•[ leak ]
Visual novel distributor MangaGamer notifies its users to have suffered a security breach. The full member database is posted on pastebin.
Children's Mercy Hospital
August 19, 2014
•[ leak, healthcare ]
Children's Mercy Hospital in Kansas City notifies 4,076 individuals that Onsite Health Diagnostics, a vendor used by wellness program provider StayWell Health Management, experienced a breach that affected their personal information.
Banorte
August 18, 2014
•[ leak, finance ]
In August 2022, millions of records from Mexican bank "Banorte" were publicly dumped on a popular hacking forum including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Banorte have stated that the data is "outdated", although have not yet indicated how far back it dates to. Anecdotal feedback from HIBP subscribers suggests the data may date back 8 years to 2014.
diet.com
August 10, 2014
•[ leak, misconfiguration, healthcare ]
In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the Vigilante.pw breached database directory.
Dnipropetrovsk Department of Law Enforcement
August 9, 2014
•[ hack, leak, espionage ]
Pro Russian Hacker collective CyberBerkut accesses the information resources of the regional department of the military law and order service in Dnipropetrovsk and leaks some private correspondence.
Penn State College of Medicine
July 10, 2014
•[ leak, malware, education ]
1176 Penn State College of Medicine alumni's Social Security numbers might have been compromised after malware was found on a university computer.
Denmark's Socialist Party
June 11, 2014
•[ leak, government ]
The Danish branch of the infamous collective Anonymous targets Denmark's Socialist Party (Socialistisk Folkeparti) for signing and passing mass Internet surveillance bill and leaks logins and SSNs of a couple of dozens of members.
Manga Traders
June 9, 2014
•[ leak, misconfiguration, technology ]
In June 2014, the Manga trading website Mangatraders.com had the usernames and passwords of over 900k users leaked on the internet (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.
Office
May 29, 2014
•[ leak, retail ]
UK shoe retailer Office sends its customers an email, explaining that it has suffered a serious security breach. Information accessed includes customers' names, addresses, birth date and month (but not year), password and phone number of accounts created prior to August 2013.
Fridae
May 2, 2014
•[ leak, misconfiguration, technology ]
In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as "Fridae". The attack which was announced on Twitter appears to have been orchestrated by Deletesec who claim that "Digital weapons shall annihilate all secrecy within governments and corporations". The exposed data included password stored in plain text.
DeKalb Health
April 29, 2014
•[ leak, healthcare ]
Dekalb Health notifies that 1,361 records including a mix of names, Social Security numbers, dates of birth, credit card numbers, addresses, phone numbers, passwords, email addresses, insurance information, service types, and other details have been compromised.
NextGenUpdate
April 22, 2014
•[ leak, technology ]
Early in 2014, the video game website NextGenUpdate reportedly suffered a data breach that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.
University of Virginia
April 21, 2014
•[ leak, education ]
University of Virginia (1 million files leaked).
University of Pittsburgh Medical Center
April 17, 2014
•[ leak, healthcare ]
UPMC (University of Pittsburgh Medical Center) reveals the real dimension of a data breach it suffered. Personal information for as many as 27,000 workers might have been compromised.
LaCie
April 15, 2014
•[ leak, malware, technology ]
LaCie confirms in a statement that malware successfully made its way through to access sensitive customer information stemming from transactions on its website. Virtually everyone who shopped on LaCie's website in the last year is at risk.
Anonymous
April 13, 2014
•[ hack, leak, espionage ]
Israeli hackers attacked computers belonging to Anonymous and allied hacker groups, taking pictures with exploited webcams and posting the photos online.
CafeMom
April 10, 2014
•[ leak, technology ]
In 2014, the social network for mothers CafeMom suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.
