Warframe
November 24, 2014
•[ hack, sqlinjection, technology ]
In November 2014, the online game Warframe was hacked and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a "pass" column which adheres to the salted SHA12 password hashing pattern used by Drupal 7. Digital Extremes (the developers of Warframe), asserts the salted hashes are of "alias names" rather than passwords.
Malwarebytes
November 15, 2014
•[ hack, misconfiguration, technology ]
In November 2014, the Malwarebytes forum was hacked and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
Bot of Legends
November 13, 2014
•[ hack, technology ]
In November 2014, the forum for Bot of Legends suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.
Popular Science
October 28, 2014
•[ hack, malware, technology ]
Websense detects that the official website of Popular Science (popsci.com) is compromised, serving malicious code.
Pandora TV Co. Ltd.
October 21, 2014
•[ hack, technology ]
Pandora TV Co. Ltd., the South Korea-based operator of the country's biggest video sharing website, lost 114,707 pieces of personal information during two confirmed intrusions in September. The investigation suggests that 7.4 million pieces of personal information were affected.
Apple iCloud
October 20, 2014
•[ espionage, misconfiguration, technology ]
GreatFire.org, a group that monitors censorship by the Chinese government's national firewall system, reports that China is using the system as part of a man-in-the-middle attack on users of Apple's iCloud service within the country.
ILikeCheats
October 18, 2014
•[ leak, misconfiguration, technology ]
In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from dehashed.com.
Snapsaved
October 13, 2014
•[ hack, leak, technology ]
Snapsaved.com, a third-party application that allows Snapchat users to save images and videos sent over the service online, is hacked, as a consequence 13 gigabytes of stolen images are posted online.
SAMAA TV
October 12, 2014
•[ hack, technology ]
A Pakistani hacker going with the handle of Kai-H4xOrR defaces the official website of SAMAA TV (samaa.tv) network which is Pakistan's privately owned news and entertainment network. The attack is done against the broadcasting of Indian content on the channel.
Hewlett Packard
October 10, 2014
•[ hack, malware, technology ]
Hewlett-Packard alerts some customers that it will be revoking a digital certificate used to sign a huge swath of software, including hardware drivers and other software, since it had been used to digitally sign malware that had infected a developer's PC.
Google Indonesia
October 5, 2014
•[ hack, technology ]
The Pakistani hacking group MaDLeeTs defaces the official Google Indonesia domain (google.co.id).
Valve
October 1, 2014
•[ hack, espionage, technology ]
Four men between 18 and 28 are charged with breaking into the computer systems of Microsoft, the US Army and leading games manufacturers (Epic Games, Valve, and Zombie Studios), as part of an alleged international hacking ring that netted more than $100M in intellectual property.
9Lives
October 1, 2014
•[ hack, technology ]
In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to "Leidhall".
Ello
September 29, 2014
•[ hack, ddos, technology ]
The social network Ello is the target of a DDoS attack.
Activision Blizzard
September 23, 2014
•[ hack, ddos, technology ]
Hackers from the group Lizard Squad reneged on their promise to quit earlier this month, apparently launching DDoS attacks against Blizzard's servers running Call Of Duty: Ghosts and Destiny.
jQuery
September 23, 2014
•[ hack, malware, technology ]
RiskIQ detects a credential-stealing malware being loaded onto users computers through a drive-by download at jQuery.com. The attack was carried out using RIG exploit kit to target visitors.
RT
September 17, 2014
•[ hack, ddos, technology ]
RT.com is hit with the most powerful DDoS attack in the website's history, which reached 10 Gbps in strength.
Freenode
September 15, 2014
•[ hack, technology ]
Popular IRC network Freenode suffers a security breach and asks users to change their passwords, as they might have been compromised.
Vodafone Egypt
September 13, 2014
•[ hack, technology ]
A hacker going with the handle of Ali El Top defaces two official sub-domains of Vodafone Egypt.
Tout
September 11, 2014
•[ leak, technology ]
In approximately September 2014, the now defunct social networking service Tout suffered a data breach. The breach subsequently appeared years later and included 653k unique email addresses, names, IP addresses, the location of the user, their bio and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it to be attributed to "nmapthis@protonmail.com".
