Special K Data Feed Spam List
October 7, 2015
•[ leak ]
In mid to late 2015, a spam list known as the Special K Data Feed was discovered containing almost 31M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. Read more about spam lists in HIBP.
American Bankers Association
October 1, 2015
•[ leak, finance ]
The American Bankers Association (ABA), based in Washington, D.C., notifies more than 6,000 ABA shopping cart users of a breach that exposed their personal information.
Banca Intesa
September 28, 2015
•[ hack, leak, finance ]
In the name of #OpBankDump, Ghost Italy, a local cell of the Anonymous collective, hacks Banca Intesa and Unipol Banca, and leaks several databases, mainly related to external contractors. They also deface the main pages of the banks.
The Big Blue Bus
September 27, 2015
•[ leak ]
The Big Blue Bus alerts customers of a potential data breach related to the NextBus program.
Canadian Department of Foreign Affairs
September 26, 2015
•[ hack, leak, government ]
As part of their vendetta against the Canadian government, hackers claiming to belong to the Anonymous collective leak another high-level confidential federal document, this time from the Department of Foreign Affairs.
Final Fantasy Shrine
September 18, 2015
•[ leak, technology ]
In September 2015, the Final Fantasy discussion forum known as FFShrine was breached and the data dumped publicly. Approximately 620k records were released containing email addresses, IP addresses and salted hashes of passwords.
The Candid Board
September 3, 2015
•[ hack, leak ]
In September 2015, the non-consensual voyeurism site "The Candid Board" suffered a data breach. The hack of the vBulletin forum led to the exposure of over 178k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5.
Western Governor's University
August 23, 2015
•[ leak, misconfiguration, education ]
JM511 dumps some data from the University of California at Los Angeles (UCLA) after allegedly warning the university twice. The attacker also warns other universities of possible vulnerabilities including: Western Governor's University in Utah, the University of Minnesota, DePaul University, and Northern Illinois University.
ClearVoice Surveys
August 23, 2015
•[ leak, misconfiguration, technology ]
In April 2021, the market research surveys company ClearVoice Surveys had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum. The data included 15M unique email addresses across more than 17M rows of data that also included names, physical and IP addresses, genders, dates of birth and plain text passwords. ClearVoice Surveys advised they were aware of the breach and confirmed its authenticity.
The Employment Agents Movement (TEAM)
August 8, 2015
•[ leak ]
TEAM (The Employment Agents Movement), the largest network of independent recruiters in the UK, is hit by a Saudi Arabian hacker that goes by the online handle JM511. The attacker dumps 1296 records.
PagerDuty
July 30, 2015
•[ leak, technology ]
Alarm aggregation and dispatching service PagerDuty detects an unauthorized intrusion by an attacker who gained access to customer information, and the company requires that all customers change their passwords.
Healthfirst
July 24, 2015
•[ leak, healthcare ]
New York-based Healthfirst notifies about 5,300 current and former members that their personal information may have been compromised in a criminal fraud scheme.
CoinCut
July 23, 2015
•[ leak, finance ]
UK bitcoin exchange CoinCut is investigating a possible data breach which exposed sensitive customer information including passport and card data to the public.
Public Service Labour Relations and Employment Board
July 22, 2015
•[ hack, leak, government ]
Hackers from the Anonymous collective break into the network of the tribunal that adjudicates disputes between public servants and the federal government and dump 3856 records.
captain69
July 19, 2015
•[ leak ]
@ElSurveillance continues his battle against websites that promote escorts. This time the target is captain69.co.uk and the leaked records are about 2600.
Ashley Madison
July 19, 2015
•[ leak, technology ]
In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.
Soundwave
July 16, 2015
•[ leak, misconfiguration, technology ]
In approximately mid 2015, the music tracking app Soundwave suffered a data breach. The breach stemmed from an incident whereby "production data had been used to populate the test database" and was then inadvertently exposed in a MongoDB. The data contained 130k records and included email addresses, dates of birth, genders and MD5 hashes of passwords without a salt.
WildStar
July 11, 2015
•[ leak, technology ]
In July 2015, the IP.Board forum for the gaming website WildStar suffered a data breach that exposed over 738k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.
British Columbia Conservation
July 10, 2015
•[ leak, government ]
Unknown hackers affiliated with the collective Anonymous release a string of emails that appear to show a conservation officer defending his decision to refuse to kill two black bear cubs on Vancouver Island.
myRepoSpace
July 6, 2015
•[ hack, leak, technology ]
In July 2015, the Cydia repository known as myRepoSpace was hacked and user data leaked publicly. Cydia is designed to facilitate the installation of apps on jailbroken iOS devices. The repository service was allegedly hacked by @its_not_herpes and 0x8badfl00d in retaliation for the service refusing to remove pirated tweaks.
