Square Enix
July 14, 2017
•[ hack, ddos, technology ]
Square Enix attributes the connectivity issues that have plagued Final Fantasy 14's Stormblood expansion since its release in June on continuous distributed denial-of-service (DDoS) attacks from a third party.
Mansfield 103.2
July 11, 2017
•[ hack, misconfiguration, technology ]
The UK Communications Regulator (Ofcom) is hunting a pirate who persistently overrides frequency of Mansfield 103.2 to play a modified version of "The Winker's Song".
Reliance Jio
July 9, 2017
•[ leak, misconfiguration, technology ]
Personal details of some 120 million Reliance Jio customers are exposed on the Internet in probably the biggest breach of personal data ever in India.
Deep Hosting
July 8, 2017
•[ hack, technology ]
Deep Hosting, a Dark Web hosting service, admits to have suffered a major security incident during which "some sites have been exported".
gandi
July 7, 2017
•[ hack, malware, technology ]
French domain registrar Gandi loses control over 751 customer domains, which have their DNS records altered to point incoming traffic to websites hosting exploits kits.
China Digital Times
July 5, 2017
•[ social, phishing, technology ]
A threat actor targeted the China Digital Times, a civil-society and news organization based outside China that publishes English- and Chinese-language content, using phishing techniques with the goal of compromising its network.
Google
July 3, 2017
•[ leak, technology ]
In the wake of the breach that occurred at Sabre Hospitality Solutions earlier in May, the personal details of a small number of Google staffers have been exposed, according to a notification letter Google sends out to affected employees.
8tracks
June 27, 2017
•[ leak, technology ]
Motherboard reveals that millions of accounts for internet radio service 8tracks are being traded on the digital underground. The total number of affected accounts could be as high as 18 million.
8tracks
June 27, 2017
•[ hack, misconfiguration, technology ]
In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that "the vector for the attack was an employees GitHub account, which was not secured using two-factor authentication". Salted SHA-1 password hashes for users who didn't sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses. The complete set of 18M records was later provided by JimScott.Sec@protonmail.com and updated in HIBP accordingly.
Microsoft
June 23, 2017
•[ leak, technology ]
A massive trove of Microsoft's internal Windows 10 operating system builds and portions of its core source code (a total of 32TB) are leaked online.
Skype
June 21, 2017
•[ hack, ddos, technology ]
A hacking group called CyberTeam claims responsibility for a DDoS attack against Skype.
Nayana
June 19, 2017
•[ ransomware, malware, technology ]
A South Korean Web-hosting service provider, Nayana, agrees to pay $1 million to a ransomware operation that encrypted data stored on 153 Linux servers and 3,400 customer websites via the Erebus ransomware.
Al Jazeera Media Network
June 8, 2017
•[ hack, ddos, technology ]
The websites and digital platforms of Al Jazeera Media Network are undergoing "systematic and continual hacking attempts". Internal sources reveal that the network is facing a DDoS attack.
CD Projekt Red
June 8, 2017
•[ ransomware, technology ]
CD Projekt Red, the Polish studio maker behind the popular The Witcher 3 RPG, suffers a data breach and the attacker is holding the company for ransom, threatening to release stolen files if the game maker doesn't pay an undisclosed sum of money.
Good Choice (hotel reservation app)
June 1, 2017
•[ hack, leak, technology ]
Hackers suspected of breaching a popular South Korean mobile app and stealing the personal data of more than 990,000 are arrested by local police in Korea.
OneLogin
May 31, 2017
•[ hack, misconfiguration, technology ]
OneLogin reveals the details about an attack on its systems, confirming that a "threat actor" has accessed database tables including "information about users, apps, and various types of keys." The attacker was been able to rifle through OneLogin's infrastructure for seven hours.
DaFont
May 18, 2017
•[ hack, technology ]
The popular font sharing site DaFont.com is hacked, exposing the site's entire database of 699,464 user accounts.
Panic
May 18, 2017
•[ hack, malware, technology ]
Apple app maker Panic's CEO Steven Frank says he mistakenly downloaded the malware-laced DVD-ripping app HandBrake resulting in some of the company's source code being stolen.
Zomato
May 17, 2017
•[ hack, technology ]
In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
Bell Canada
May 16, 2017
•[ hack, technology ]
Bell Canada says that 1.9 million customer account details have been stolen by unknown hackers, although no payment card numbers or passwords have been taken.
