xHamster
November 28, 2016
•[ hack, malware, technology ]
In November 2016, news broke that hackers were trading hundreds of thousands of xHamster porn account details. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.
Ask
November 23, 2016
•[ hack, malware, technology ]
An unknown attacker hijacks the update mechanism employed by Ask Partner Network (APN) to download suspicious code onto unsuspecting users' PCs.
Mailchimp
November 23, 2016
•[ hack, malware, technology ]
Hackers compromise the Mailchimp database and manage to send out emails containing malicious links to subscribers of various different companies.
RankWatch
November 19, 2016
•[ leak, misconfiguration, technology ]
In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called "us_emails". When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being "in the same vein as the modbsolutions leak", a large list of corporate data allegedly used for spam purposes.
Three Mobile
November 18, 2016
•[ hack, phishing, technology ]
Three Mobile admits that hackers have successfully accessed its customer upgrade database after using an employee login. 6 million customers' private information is at risk.
Mega
November 18, 2016
•[ hack, technology ]
The Amn3s1a Team hacking group releases a data dump containing what the group claims is nearly 2GB of source code stolen from several Mega.nz servers.
Mark Zuckerberg's Pinterest account
November 17, 2016
•[ hack, technology ]
OurMine hack Mark Zuckerberg's Pinterest Account and post a message suggesting they could help him with his online security.
24luv
November 12, 2016
•[ hack, misconfiguration, technology ]
The hacktivist known as ElSurveillance is back with its operation #EscortsOffline and two more data dumps from two dating sites: 24luv.com (92,937 users' email addresses and plain-text passwords) and freedateusa.com (127,395 email addresses and plain-text passwords).
Business Insider
November 2, 2016
•[ hack, technology ]
The collective called OurMine post and edited some stories on the US version of the website.
PageGroup
November 1, 2016
•[ hack, misconfiguration, technology ]
UK-based global recruitment firm PageGroup confirms that an alleged lone hacker broke into its network and illegally accessed job applicants' personal information. The data breach occurred when the hacker infiltrated a development server run by Capgemini.
Donald Trump's Twitter account
October 27, 2016
•[ hack, brute-force, technology ]
Three Dutch hackers broke into Donald Trump's Twitter account in 2016 by guessing his password was "yourefired".
RTFB
October 24, 2016
•[ hack, ddos, technology ]
The Syrian Cyber Army claims responsibility for DDoS attacks against several Belgian media news outlets including De Standaard, Het Nieuwsblad, Gazet van Antwerpen, Het Belang van Limburg, and RTFB.
StarHub
October 24, 2016
•[ hack, ddos, technology ]
A new DDoS attack hits the infrastructure of StarHub.
StarHub
October 22, 2016
•[ hack, ddos, technology ]
Singapore telecommunications company StarHub is the target of a DDoS attack (once again carried on flooding the company with bogus DNS queries).
Sony PlayStation Network
October 21, 2016
•[ hack, ddos, technology ]
The Sony Playstation Network is the target of the Mirai botnet DDoS attack.
Dailymotion
October 20, 2016
•[ hack, technology ]
In October 2016, the video sharing platform Dailymotion suffered a data breach. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
RedBus
October 18, 2016
•[ leak, technology ]
Online travel giant Ibibo Group-owned ticketing platform RedBus confirms to have been subject to a cyber attack that might have exposed the email addresses of some of its customers.
Modern Business Systems (MBS)
October 13, 2016
•[ leak, technology ]
Over 58 million customer records are stolen and leaked online. Data includes names, email and postal addresses, phone numbers, IP addresses and more.
Modern Business Solutions
October 8, 2016
•[ leak, misconfiguration, technology ]
In October 2016, a large Mongo DB file containing tens of millions of accounts was shared publicly on Twitter (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently attributed to "Modern Business Solutions", a company that provides data storage and database hosting solutions. They've yet to acknowledge the incident or explain how they came to be in possession of the data.
BuzzFeed
October 5, 2016
•[ hack, technology ]
OurMine hackers take control of BuzzFeed's website and alter multiple stories published on its site.
