Virgin Mobile Polska
January 15, 2021
•[ leak, misconfiguration, technology ]
Virgin Mobile Polska has had a fine imposed on it for failing to secure user data which led to a data breach.
Daily Quiz
January 13, 2021
•[ leak, misconfiguration, technology ]
In January 2021, the quiz website Daily Quiz suffered a data breach that exposed over 8 million unique email addresses. The data also included usernames, IP addresses and passwords stored in plain text.
Ubiquiti
January 11, 2021
•[ hack, misconfiguration, technology ]
Ubiquiti informed customers of unauthorized access to certain information technology systems hosted by a third party cloud provider. Ubiquiti states that they are not aware of any customer databases that were illegally accessed but cannot be sure that the attack did not expose customers' data.
Parler
January 9, 2021
•[ hack, misconfiguration, technology ]
A hacker who goes by the name Crash Override on Twitter claims she found a web address that Parler used internally to retrieve data. She made a list of all posts, videos, and images uploaded to Parler, including posts that users had deleted, such as those referring to the Capitol attack on January 6.
Ambulance Tasmania
January 7, 2021
•[ leak, misconfiguration, healthcare ]
The private details of every Tasmanian who has called an ambulance since November last year have been published online by a third party in a list still updating each time paramedics are dispatched.
WedMeGood
January 6, 2021
•[ leak, misconfiguration, technology ]
In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes. The data was provided to HIBP by dehashed.com.
South African Social Security Agency
January 4, 2021
•[ leak, misconfiguration, government ]
The South African Social Security Agency is in talks to replace cards used for collecting social grants after a security breach compromised the master keys for the cards in 2019.
Unknown Organization
January 1, 2021
•[ leak, misconfiguration, government ]
The Durham Region joins the list of the victims of the Accellion breach.
Twitter (200M)
January 1, 2021
•[ leak, misconfiguration, technology ]
In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.
Dedalus Biologie (a division of Dedalus Global[272])
January 1, 2021
•[ leak, misconfiguration, healthcare ]
poor security
Dedalus Biologie (a division of Dedalus Global[273])
January 1, 2021
•[ leak, misconfiguration, healthcare ]
poor security
Dedalus Biologie (a division of Dedalus Global[274])
January 1, 2021
•[ leak, misconfiguration, healthcare ]
poor security
Dedalus Biologie (a division of Dedalus Global[92])
January 1, 2021
•[ leak, misconfiguration, healthcare ]
poor security
Dedalus Biologie (a division of Dedalus Global[95])
January 1, 2021
•[ leak, misconfiguration, healthcare ]
poor security
Voyager
December 28, 2020
•[ hack, misconfiguration, finance ]
The Voyager cryptocurrency brokerage platform suffered a cyberattack targeting its DNS configuration.
