The Straight Dope
January 9, 2014
•[ hack, technology ]
The Straight Dope, the popular online question and answer newspaper column, advises users of its forum to change their passwords because the information might have been compromised in a recent attack targeted at the bulletin board.
openSUSE
January 7, 2014
•[ hack, malware, technology ]
The well-known Pakistani hacker H4x0r HuSsY hacks the official Forum of OpenSUSE, defacing it and allegedly compromising the account information of 79,500 registered users.
MMMOOO
January 6, 2014
•[ hack, technology ]
A group of hackers going by the name HitlerSec hack a Chinese mobile application MMMOOO (immmooo.com) and dump 85,753 email addresses and encrypted passwords.
What.cd
January 6, 2014
•[ hack, ddos, technology ]
Three of the largest private BitTorrent trackers are offline due to prolonged DDoS attacks. The targets are: What.cd, Broadcasthe.net, PassthePopcorn.me.
World of Warcraft
January 6, 2014
•[ hack, malware, technology ]
World of Warcraft players are hit with a malicious trojan that hijacks accounts. The malware infects systems by posing as an installer of Curse, a legitimate add-on.
Snapchat
January 2, 2014
•[ leak, misconfiguration, technology ]
Greyhat hackers publish the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.
ThisHabbo Forum
January 1, 2014
•[ leak, technology ]
In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) appeared among a list of compromised sites which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data includes usernames, email addresses, IP addresses and salted hashes of passwords. A further 584k records were added from a more comprehensive breach file provided in October 2016.
ReverbNation
January 1, 2014
•[ hack, technology ]
In January 2014, the online service for assisting musicians to build their careers ReverbNation suffered a data breach which wasn't identified until September the following year. The breach contained over 7 million accounts with unique email addresses and salted SHA1 passwords.
HiAPK
January 1, 2014
•[ hack, technology ]
In approximately 2014, it's alleged that the Chinese Android store known as HIAPK suffered a data breach that impacted 13.8 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided to HIBP by white hat security researcher and data analyst Adam Davies. Read more about Chinese data breaches in Have I Been Pwned.
Vodafone
November 30, 2013
•[ hack, technology ]
In November 2013, Vodafone in Iceland suffered an attack attributed to the Turkish hacker collective "Maxn3y". The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS message, server logs and passwords from a variety of different internal sources.
XSplit
November 7, 2013
•[ hack, technology ]
In November 2013, the makers of gaming live streaming and recording software XSplit was compromised in an online attack. The data breach leaked almost 3M names, email addresses, usernames and hashed passwords.
We Heart It
November 3, 2013
•[ hack, technology ]
In November 2013, the image-based social network We Heart It suffered a data breach. The incident wasn't discovered until October 2017 when 8.6 million user records were sent to HIBP. The data contained user names, email addresses and password hashes, 80% of which were salted SHA-256 with the remainder being MD5 with no salt.
Adobe
October 4, 2013
•[ hack, misconfiguration, technology ]
In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.
