Foxit Software
August 30, 2019
•[ hack, technology ]
Foxit Software, the company behind the Foxit PDF reader app, announces that hackers breached its servers and made off with some user information.
Imperva
August 27, 2019
•[ hack, misconfiguration, technology ]
Imperva discloses a security incident that impacts customers of its cloud Web Application Firewall. Apparently the intruders made off with customer API keys and SSL certificates.
Hostinger
August 25, 2019
•[ hack, misconfiguration, technology ]
Hostinger discloses a security incident that impacted its platform and users. A hacker gained access to an internal server, where he found an authorization token for an internal API used to retrieve information about up to 14 million clients.
Astro
August 22, 2019
•[ technology ]
Astro announces that its database was accessed impacting customer data.
Fortnite
August 22, 2019
•[ ransomware, malware, technology ]
Researchers from Cyren discover Syrk, a ransomware, in disguise of an aimbot cheat tool, targeting Fortnite players.
ToonDoo
August 21, 2019
•[ hack, technology ]
In August 2019, the comic strip creation website ToonDoo suffered a data breach. The data was subsequently redistributed on a popular hacking forum in November where the personal information of over 6M subscribers was shared. Impacted data included email and IP addresses, usernames, genders, the location of the individual and salted password hashes.
PokerTracker
August 20, 2019
•[ hack, malware, technology ]
The PokerTracker website is compromised and loaded with a Magecart script.
Cracked
August 13, 2019
•[ hack, technology ]
Hackers from Raidforums breach the site of rival hacking forum Cracked.to and spill data for more than 321,000 of its members. The breach occurred in July.
Facebook
August 1, 2019
•[ leak, technology ]
In April 2021, a large data set of over 500 million Facebook users was made freely available for download. Encompassing approximately 20% of Facebook's subscribers, the data was allegedly obtained by exploiting a vulnerability Facebook advises they rectified in August 2019. The primary value of the data is the association of phone numbers to identities; whilst each record included phone, only 2.5 million contained an email address. Most records contained names and genders with many also including dates of birth, location, relationship status and employer.
Sure
July 29, 2019
•[ leak, phishing, technology ]
Sure is the victim of a phishing attack that steals around 400 suppliers', employees' and former employees' data.
Comodo
July 27, 2019
•[ hack, misconfiguration, technology ]
A hacker gain access to internal files and documents owned by security company and former SSL certificate issuer Comodo by using an email address and password mistakenly exposed on the internet (GitHub).
Club Penguin Rewritten (July 2019)
July 27, 2019
•[ hack, technology ]
In July 2019, the children's gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney's Club Penguin game). In addition to an earlier data breach that impacted 1.7 million accounts, the subsequent breach exposed 4 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes.
DNForum
July 26, 2019
•[ hack, brute-force, technology ]
DNForum.com sends out password reset requests to its users after attempts to access the accounts.
Undisclosed streaming service
July 24, 2019
•[ hack, ddos, technology ]
Researchers from Imperva reveal that an undisclosed streaming service was hit by a massive DDoS attack that lasted for 13 days, launched from 402,000 different IPs, with a peak flow of 292,000 requests per second.
Cracked.to
July 21, 2019
•[ hack, technology ]
In July 2019, the hacking website Cracked.to suffered a data breach. There were 749k unique email addresses spread across 321k forum users and other tables in the database. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as bcrypt hashes.
Jessica Alba's Twitter Account
July 20, 2019
•[ hack, technology ]
Jessica Alba's Twitter Account is hacked and starts to post racial tweets.
iNSYNQ
July 16, 2019
•[ ransomware, malware, technology ]
iNSYNQ, a cloud computing provider of virtual desktop environments is down after its servers are infected with ransomware.
Sprint
July 16, 2019
•[ hack, technology ]
US mobile network operator Sprint says hackers broke into an unknown number of customer accounts via the Samsung.com "add a line" website. The breach occurred on June 22.
Flash Flash Revolution (2019 breach)
July 16, 2019
•[ hack, technology ]
In July 2019, the music-based rhythm game Flash Flash Revolution suffered a data breach. The 2019 breach imapcted almost 1.9 million members and is in addition to the 2016 data breach of the same service. Email and IP addesses, usernames, dates of birth and salted MD5 hashes were all exposed in the breach. The data was provided with support from dehashed.com.
BlackSpigotMC
July 14, 2019
•[ hack, technology ]
In July 2019, the hacking website BlackSpigotMC suffered a data breach. The XenForo forum based site was allegedly compromised by a rival hacking website and resulted in 8.5GB of data being leaked including the database and website itself. The exposed data included 140k unique email addresses, usernames, IP addresses, genders, geographic locations and passwords stored as bcrypt hashes.
