OneLogin
May 31, 2017
•[ hack, misconfiguration, technology ]
OneLogin reveals the details about an attack on its systems, confirming that a "threat actor" has accessed database tables including "information about users, apps, and various types of keys." The attacker was been able to rifle through OneLogin's infrastructure for seven hours.
DaFont
May 18, 2017
•[ hack, technology ]
The popular font sharing site DaFont.com is hacked, exposing the site's entire database of 699,464 user accounts.
Panic
May 18, 2017
•[ hack, malware, technology ]
Apple app maker Panic's CEO Steven Frank says he mistakenly downloaded the malware-laced DVD-ripping app HandBrake resulting in some of the company's source code being stolen.
Zomato
May 17, 2017
•[ hack, technology ]
In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
DaFont
May 16, 2017
•[ hack, sqlinjection, technology ]
In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.
Bell Canada
May 16, 2017
•[ hack, technology ]
Bell Canada says that 1.9 million customer account details have been stolen by unknown hackers, although no payment card numbers or passwords have been taken.
Reincubate
May 11, 2017
•[ leak, misconfiguration, technology ]
In October 2020, the app data company Reincubate suffered a data breach which exposed a backup from November 2017 (the newest record in the data appeared several months earlier). The data included over 616k unique email addresses, names and passwords stored as PBKDF2 hashes.
Cedexis
May 10, 2017
•[ hack, ddos, technology ]
A DDos attack against Cedexis knocks out several major French news websites including Le Monde and Le Figaro.
German O2-Telefonica users
May 3, 2017
•[ financial, ss7, technology ]
O2-Telefonica in Germany confirms to S ddeutsche Zeitung that some of its customers have had their bank accounts drained using a two-stage attack that exploits SS7.
HandBrake
May 2, 2017
•[ hack, malware, technology ]
The popular DVD-ripping HandBrake app, is hacked to install a new variant of the Proton malware.
Gannett Co.
May 2, 2017
•[ social, phishing, technology ]
A phishing email attack potentially compromises the accounts of as many as 18,000 current and former employees of media company Gannett Co.
Netflix
April 28, 2017
•[ ransomware, misconfiguration, technology ]
TheDarkOverlord leaks upcoming episode of Orange is the New Black after Netflix doesn't pay extortion demand. The hack happened via a "production vendor".
Ciphr
April 26, 2017
•[ leak, technology ]
Customer data from encrypted phone company Ciphr is dumped online.
Fashion Fantasy Game
April 20, 2017
•[ leak, technology ]
A 2016 data breach leaves Fashion Fantasy Game, an online game and social network for fashion lovers, with millions of user account credentials being leaked on the web.
Youku
April 12, 2017
•[ leak, technology ]
A dark web vendor going by the handle of CosmicDark sells a database containing 100,759,591 user accounts stolen from of Youku Inc., a popular video service in China.
Melbourne IT
April 12, 2017
•[ hack, ddos, technology ]
Australian ISP Melbourne IT confirms that it was hit by "a large DDoS attack" that disrupted its web hosting.
Sierra Tel
April 10, 2017
•[ hack, malware, technology ]
The Bricker Bot takes down the Zyxel HN-51 Modem belonging to Sierra Tel, a Californian ISP.
Anonymous
April 5, 2017
•[ espionage, technology ]
Anonymous members who want to participate in this year's annual #OpIsrael cyber-attacks are the targets of an intelligence gathering operation carried out by an unknown threat actor.
New York Post
April 1, 2017
•[ hack, technology ]
The New York Post issues an apology after its app is hacked in an April Fool's Day prank and sends out a flurry of bizarre news alerts including one that read, "Heil President Donald Trump".
