Chegg
April 29, 2020
•[ hack, technology ]
Chegg confirms its third data breach in the past three years: hackers stole 700 current and former employee records, including their names and Social Security numbers.
CivicSmart
April 27, 2020
•[ ransomware, malware, technology ]
CivicSmart, a vendor of smart parking meters, is hit with a Sodinokibi ransomware attack.
Huiying Medical Technology
April 25, 2020
•[ leak, technology ]
Researchers from Cyble identify a threat actor attempting to sell Huiying Medical Technology's source code for AI-assisted COVID-19 detection and experimental data.
SeaChange International
April 23, 2020
•[ ransomware, malware, technology ]
SeaChange is hit with the Sodinokibi ransomware.
podlasie24
April 22, 2020
•[ espionage, phishing, technology ]
Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland'to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
Valve
April 22, 2020
•[ leak, technology ]
The source code of Valve's Team Fortress 2 and Counter-Strike: Global Offensive games was leaked.
Gravity
April 20, 2020
•[ hack, technology ]
Researchers from QuoIntelligence (QuoINT) reveal that attackers from Winnti (aka APT41, BARIUM, Blackfly) attempted to breach the internal network of Gravity, the South Korean gaming company behind the popular Ragnarok Online Massive Multiplayer Online Role-Playing Game.
Believr
April 20, 2020
•[ hack, misconfiguration, technology ]
Hackers infiltrate a Zoom meeting of a virtual church service hosted by Adam Evers, the founder of the Christian LGBTQ+ dating app Believr.
Cognizant
April 18, 2020
•[ ransomware, malware, technology ]
Information technologies services giant Cognizant is hit by the Maze Ransomware.
Aptoide
April 17, 2020
•[ leak, technology ]
A hacker leaks the details of 20 million users of Aptoide, a third-party app store for Android applications.
Mercantile Communications Pvt Ltd
April 15, 2020
•[ hack, technology ]
A group of hackers manage to gain access to the .np domain of Mercantile Communications Pvt Ltd.
EA Sports
April 15, 2020
•[ hack, ddos, technology ]
EA Sports is hit by a DDoS attack.
Aptoide
April 13, 2020
•[ hack, misconfiguration, technology ]
In April 2020, the independent Android app store Aptoide suffered a data breach. The incident resulted in the exposure of 20M customer records which were subsequently shared online via a popular hacking forum. Impacted data included email and IP addresses, names, IP addresses and passwords stored as SHA-1 hashes without a salt.
Niazpardaz[.]ir
April 9, 2020
•[ leak, misconfiguration, technology ]
Someone is selling the personal details of 45,000 Iranians on the dark web. The data appears to have been taken from several sites including Niazpardaz[.]ir and Arzi24[.]com.
Vianet
April 8, 2020
•[ hack, technology ]
Hackers manage to access the database of Vianet and steal the details of more than 160,000 current and former users.
Vianet
April 8, 2020
•[ hack, leak, technology ]
In April 2020, the Nepalese internet service provider Vianet suffered a data breach. The attack on the ISP led to the exposure of 177k customer records including 94k unique email addresses. Also exposed were names, phone numbers and physical addresses.
Email
April 5, 2020
•[ leak, technology ]
The data of more than 600,000 Email.it users is currently being sold on the dark web. The breach allegedly occurred two years ago.
OGUSERS
April 3, 2020
•[ hack, technology ]
OGUsers, one of the most popular hacking forums on the internet, discloses a security breach, the second such incident in the past year.
OGUsers (2020 breach)
April 2, 2020
•[ hack, misconfiguration, technology ]
In April 2020, the account hijacking and SIM swapping forum OGUsers suffered their second data breach in less than a year. As with the previous breach, the exposed data included email and IP addresses, usernames, private messages and passwords stored as salted MD5 hashes. A total of 263k email addresses across user accounts and other tables were posted to a rival hacking forum.
GoDaddy
March 30, 2020
•[ social, phishing, technology ]
A spear-phishing hits a customer service employee at GoDaddy.com, the world's largest domain name registrar. The phisher modifies key customer records, including transaction brokering site escrow.com.
