Cerberus
March 28, 2014
•[ leak, technology ]
Over 96,000 users of the Cerberus anti-theft application for Android are advised to change their passwords after the company suffered a data breach.
Quantum Booter
March 18, 2014
•[ leak, ddos, technology ]
In March 2014, the booter service Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users were performing against online adversaries, including the IP addresses of those using the service to mount DDoS attacks.
JCM Partners
March 6, 2014
•[ leak, misconfiguration ]
Real estate management company JCM Partners notifies an undisclosed number of housing applicants that their personal information has been exposed online.
Church of Cyprus
March 5, 2014
•[ hack, leak ]
The hacker @security_511 hacks the Church of Cyprus website (churchofcyprus.org.cy) and dumps 1,476 user account credentials with full names, email addresses and encrypted passwords.
Kaiser Permanente
February 28, 2014
•[ leak, malware, healthcare ]
Health services provider Kaiser Permanente notifies roughly 5,100 members that their personal information may be at risk after malware was discovered on a server used by the Kaiser Permanente Northern California Division of Research.
Alaska Communications
February 27, 2014
•[ leak, malware, technology ]
Alaska Communications notifies an undisclosed number of current and former employees that their names, addresses, birthdates and Social Security numbers may have been exposed when a company computer was infected with a malware.
Spirol International
February 21, 2014
•[ leak, manufacturing ]
Yet another attack by @DeleteSec. This time the victim is Spirol International (spirol.com) and as a result over 70,889 of the company's affected credentials are leaked online.
UN Internet Governance Forum
February 20, 2014
•[ hack, leak, government ]
In February 2014, the Internet Governance Forum (formed by the United Nations for policy dialogue on issues of internet governance) was attacked by hacker collective known as Deletesec. Although tasked with "ensuring the security and stability of the Internet", the IGFs website was still breached and resulted in the leak of 3,200 email addresses, names, usernames and cryptographically stored passwords.
Forbes
February 15, 2014
•[ leak, technology ]
In February 2014, the Forbes website succumbed to an attack that leaked over 1 million user accounts. The attack was attributed to the Syrian Electronic Army, allegedly as retribution for a perceived "Hate of Syria". The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com.
ReadingRockets
February 13, 2014
•[ hack, leak, education ]
DeleteSec hacks ReadingRockets.org and leaks around 5,800 accounts. Leaked credentials contain full names, addresses, contact information, email addresses and clear text passwords.
Presidential Adviser
February 13, 2014
•[ hack, leak, government ]
Again an action in name of Opindependence. This time Anonymous Ukraine hacks the e-mail account of Laurynas Jonavicius (adviser of the President of Lithuania), leaking some emails.
Official website of the President of Nepal
February 8, 2014
•[ hack, leak, sqlinjection ]
Two separate attacks deface the official website of Nepal's Office of the President (presidentofnepal.gov.np). In the first case, the attacker who goes by Dr.3v1l, also leaked some information stolen from the DB. The second attack was carried out by an Indian hacker.
Turkcell
February 4, 2014
•[ leak, hack, technology ]
Hackers of the RedHack group claim to have breached the systems of three major telecoms companies: TTNET, Vodafone and Turkcell. After the attack they leak the details of hundreds of individuals from TTNET and 5,000 Vodafone customers.
Turkcell
January 16, 2014
•[ leak, technology ]
Hackers of the RedHack collective leak the phone numbers of over 4,000 people who work for Turkcell, the leading mobile phone operator of Turkey.
Directors Guild of Canada
January 7, 2014
•[ hack, leak ]
A hacker using the handle legionnare aka ObeySec has hacked the directors guild of Canada (dgc.ca) and leaks 2000+ usernames, email addresses and clear text passwords.
Monju Nuclear Power Plant
January 6, 2014
•[ leak, energy ]
A server administrator discovers that one of the eight computers in the reactor control room of the Monju Nuclear Plant has been accessed over 30 times in the last five days. More than 42,000 e-mails and staff training reports were stored on the computer.
WPT Amateur Poker League
January 4, 2014
•[ hack, leak, misconfiguration ]
In January 2014, the World Poker Tour (WPT) Amateur Poker League website was hacked by the Twitter user @smitt3nz. The attack resulted in the public disclosure of 175,000 accounts including 148,000 email addresses. The plain text password for each account was also included in the breach.
Snapchat
January 2, 2014
•[ leak, misconfiguration, technology ]
Greyhat hackers publish the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.
ThisHabbo Forum
January 1, 2014
•[ leak, technology ]
In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) appeared among a list of compromised sites which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data includes usernames, email addresses, IP addresses and salted hashes of passwords. A further 584k records were added from a more comprehensive breach file provided in October 2016.
