Channel 2
December 1, 2016
•[ hack, technology ]
Two main news channels in Israel were hacked and the attackers broadcasted a 30-second clip showing images of Muslim holy sites and Quranic scriptures.
Post Office
December 1, 2016
•[ hack, ddos, technology ]
Thousands of TalkTalk and Post Office customers have had their internet access cut by an attack targeting certain types of internet routers.
FashionFantasyGame
December 1, 2016
•[ leak, misconfiguration, technology ]
In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
Youku
December 1, 2016
•[ leak, technology ]
In late 2016, the online Chinese video service Youku suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.
Deutsche Telekom
November 29, 2016
•[ hack, malware, technology ]
900,000 Deutsche Telekom customers are knocked off the internet when their routers are hit by a malware attack launched through the Mirai Botnet exploiting a SOAP Remote Execution Vulnerability.
xHamster
November 28, 2016
•[ hack, malware, technology ]
In November 2016, news broke that hackers were trading hundreds of thousands of xHamster porn account details. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.
Ask
November 23, 2016
•[ hack, malware, technology ]
An unknown attacker hijacks the update mechanism employed by Ask Partner Network (APN) to download suspicious code onto unsuspecting users' PCs.
Mailchimp
November 23, 2016
•[ hack, malware, technology ]
Hackers compromise the Mailchimp database and manage to send out emails containing malicious links to subscribers of various different companies.
RankWatch
November 19, 2016
•[ leak, misconfiguration, technology ]
In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called "us_emails". When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being "in the same vein as the modbsolutions leak", a large list of corporate data allegedly used for spam purposes.
Three Mobile
November 18, 2016
•[ hack, phishing, technology ]
Three Mobile admits that hackers have successfully accessed its customer upgrade database after using an employee login. 6 million customers' private information is at risk.
Mega
November 18, 2016
•[ hack, technology ]
The Amn3s1a Team hacking group releases a data dump containing what the group claims is nearly 2GB of source code stolen from several Mega.nz servers.
Mark Zuckerberg's Pinterest account
November 17, 2016
•[ hack, technology ]
OurMine hack Mark Zuckerberg's Pinterest Account and post a message suggesting they could help him with his online security.
24luv
November 12, 2016
•[ hack, misconfiguration, technology ]
The hacktivist known as ElSurveillance is back with its operation #EscortsOffline and two more data dumps from two dating sites: 24luv.com (92,937 users' email addresses and plain-text passwords) and freedateusa.com (127,395 email addresses and plain-text passwords).
Business Insider
November 2, 2016
•[ hack, technology ]
The collective called OurMine post and edited some stories on the US version of the website.
PageGroup
November 1, 2016
•[ hack, misconfiguration, technology ]
UK-based global recruitment firm PageGroup confirms that an alleged lone hacker broke into its network and illegally accessed job applicants' personal information. The data breach occurred when the hacker infiltrated a development server run by Capgemini.
Donald Trump's Twitter account
October 27, 2016
•[ hack, brute-force, technology ]
Three Dutch hackers broke into Donald Trump's Twitter account in 2016 by guessing his password was "yourefired".
RTFB
October 24, 2016
•[ hack, ddos, technology ]
The Syrian Cyber Army claims responsibility for DDoS attacks against several Belgian media news outlets including De Standaard, Het Nieuwsblad, Gazet van Antwerpen, Het Belang van Limburg, and RTFB.
StarHub
October 24, 2016
•[ hack, ddos, technology ]
A new DDoS attack hits the infrastructure of StarHub.
StarHub
October 22, 2016
•[ hack, ddos, technology ]
Singapore telecommunications company StarHub is the target of a DDoS attack (once again carried on flooding the company with bogus DNS queries).
Sony PlayStation Network
October 21, 2016
•[ hack, ddos, technology ]
The Sony Playstation Network is the target of the Mirai botnet DDoS attack.
