Score
September 4, 2014
•[ leak, misconfiguration, manufacturing ]
Score, a sport uniform manufacturer, discovers a potential unauthorized data breach occurred on September 4, 2014. 500 customers who shopped online may have been compromised.
Pakistan Official Portal
September 1, 2014
•[ hack, misconfiguration, government ]
In name of OpPakistan, unknown Hacktivists deface the official portal of Pakistan (pakistan.gov.pk), demanding resignation of prime minister Nawaz Shareef.
Geekface
August 26, 2014
•[ hack, misconfiguration, technology ]
Geekface notifies its users of an illegitimate access to one of its servers. The data accessed include personal information.
Delaware Treasury Division
August 19, 2014
•[ hack, misconfiguration, government ]
Delaware's treasury division website (treasury.delaware.gov) is defaced with anti-Israel and pro-Palestine messages by a collective calling itself SaLeM.
diet.com
August 10, 2014
•[ leak, misconfiguration, healthcare ]
In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the Vigilante.pw breached database directory.
Insanelyi
July 22, 2014
•[ hack, misconfiguration, technology ]
In July 2014, the iOS forum Insanelyi was hacked by an attacker known as Kim Jong-Cracks. A popular source of information for users of jailbroken iOS devices running Cydia, the Insanelyi breach disclosed over 104k users' emails addresses, user names and weakly hashed passwords (salted MD5).
Haaretz
July 15, 2014
•[ hack, misconfiguration ]
Again, in the name of OPSaveGaza, AnonGhost defaces a sub-domain of Israel's largest and oldest newspaper Haaretz against Israeli bombing over Gaza, Palestine.
Splash Car Wash
June 25, 2014
•[ hack, misconfiguration, retail ]
1,400 customer credit card details are stolen by hackers from Splash Car Wash exploiting a pcAnywhere vulnerability on point of sale terminals.
Sumo Torrent
June 21, 2014
•[ hack, misconfiguration, technology ]
In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed. The data included IP addresses, email addresses and passwords stored as weak MD5 hashes.
Manga Traders
June 9, 2014
•[ leak, misconfiguration, technology ]
In June 2014, the Manga trading website Mangatraders.com had the usernames and passwords of over 900k users leaked on the internet (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.
Arizona Department of Homeland Security
May 26, 2014
•[ hack, misconfiguration, government ]
A Turkish hacker going with the handle of Swan defaces the official website of the Arizona Department of Homeland Security. The hacker also defaces the official website of the Arizona Commission of Indian Affairs website.
Road sign in San Francisco
May 16, 2014
•[ hack, misconfiguration, government ]
An unknown prankster hacker hacks an electronic traffic sign in San Francisco warning of a Godzilla Attack.
University of North Carolina Wilmington
May 2, 2014
•[ hack, misconfiguration, education ]
An undisclosed number of employees, graduate students and adjunct instructors with the University of North Carolina Wilmington (uncw.edu) may have had personal information compromised after unauthorized access was gained to an applications server.
Fridae
May 2, 2014
•[ leak, misconfiguration, technology ]
In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as "Fridae". The attack which was announced on Twitter appears to have been orchestrated by Deletesec who claim that "Digital weapons shall annihilate all secrecy within governments and corporations". The exposed data included password stored in plain text.
Kali
April 30, 2014
•[ hack, misconfiguration, technology ]
A Libyan Hackers group called "The GreaT Team" (TGT) defaces the mailing list subdomain of Kali website (lists.kali.org).
Lubbock Cardiology Clinic
April 11, 2014
•[ hack, misconfiguration, healthcare ]
Unauthorized access is gained to the Electronic Health Record system used by Texas-based Lubbock Cardiology Clinic (LCC), which resulted in the compromise of more than 1,400 medical records.
College in Shanghai's Songjiang District
March 8, 2014
•[ insider, misconfiguration, education ]
Two students at a college in Shanghai's Songjiang District are arrested for allegedly changing grades for 200 of their colleagues.
JCM Partners
March 6, 2014
•[ leak, misconfiguration ]
Real estate management company JCM Partners notifies an undisclosed number of housing applicants that their personal information has been exposed online.
Texas State Technical College
February 19, 2014
•[ hack, misconfiguration, education ]
Texas State Technical College (tstc.edu) Waco notifies almost 3,000 former students and fewer than 2,000 employees that personal information may have been compromised after an unauthorized party remotely gained access to a server that contained the data.
PayPal
February 5, 2014
•[ hack, misconfiguration, technology ]
Hackers have compromised the eBay and PayPal marketing webpages in the UK, France, and India, causing some visitors to be redirected to fraudulent destinations.
