Dailymotion
October 20, 2016
•[ hack, technology ]
In October 2016, the video sharing platform Dailymotion suffered a data breach. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
RedBus
October 18, 2016
•[ leak, technology ]
Online travel giant Ibibo Group-owned ticketing platform RedBus confirms to have been subject to a cyber attack that might have exposed the email addresses of some of its customers.
Modern Business Systems (MBS)
October 13, 2016
•[ leak, technology ]
Over 58 million customer records are stolen and leaked online. Data includes names, email and postal addresses, phone numbers, IP addresses and more.
Modern Business Solutions
October 8, 2016
•[ leak, misconfiguration, technology ]
In October 2016, a large Mongo DB file containing tens of millions of accounts was shared publicly on Twitter (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently attributed to "Modern Business Solutions", a company that provides data storage and database hosting solutions. They've yet to acknowledge the incident or explain how they came to be in possession of the data.
BuzzFeed
October 5, 2016
•[ hack, technology ]
OurMine hackers take control of BuzzFeed's website and alter multiple stories published on its site.
Spotify
October 4, 2016
•[ hack, malware, technology ]
Multiple users report that popular music-streaming service Spotify serves malware-laden ads.
Pokémon Negro
October 1, 2016
•[ leak, technology ]
In approximately October 2016, the Spanish Pokmon site Pokmon Negro suffered a data breach. The attack resulted in the disclosure of 830k accounts including email and IP addresses along with plain text passwords. Pokmon Negro did not respond when contacted about the breach.
Large LED video screen billboard in South Jakarta
September 30, 2016
•[ hack, technology ]
An unknown hacker or a group of hackers hack into the computer system of a large LED video screen billboard in the Kebayoran Baru district of South Jakarta and replace the advertisement on the screen with pornographic content for a short period of time.
newseasims
September 30, 2016
•[ leak, technology ]
A hacker going by the handle of "Websites Hunter" hacks newseasims.com, a website that offers custom content for Sims video games from Electronic Arts, and leaks personal details of 118,000 customers/users.
Bellingcat
September 29, 2016
•[ espionage, technology ]
ThreatConnect reveals that investigative journalism group Bellingcat, that helped to investigate the downing of flight MH17 over eastern Ukraine in 2014 have been targeted in a series of sophisticated attacks by pro-Russia group Fancy Bear.
Justdate.com
September 29, 2016
•[ leak, technology ]
An alleged breach of the dating website Justdate.com began circulating in approximately September 2016. Comprised of over 24 million records, the data contained various personal attributes such as email addresses, dates of birth and physical locations. However, upon verification with HIBP subscribers, only a fraction of the data was found to be accurate and no account owners recalled using the Justdate.com service. This breach has consequently been flagged as fabricated; it's highly unlikely the data was sourced from Justdate.com.
i-dressup
September 26, 2016
•[ hack, misconfiguration, technology ]
Un unknown hacker downloads more than 2.2 million of improperly stored account credentials from i-dressup.com, a social hangout website for teenage girls.
H&L Australia
September 20, 2016
•[ hack, technology ]
Hackers claim to have hacked Australian point-of-sale technology (PoS) company H&L Australia, and offer the database for sale. They were already offering it for sale for AU$22,000 ($16,580, 12,723) more than two months ago.
modaco
September 20, 2016
•[ hack, technology ]
Modaco.com, a UK-based forum dedicated to the Android operating system is breached, with nearly 800,000 usernames and passwords stolen by hackers. The attack dates back to January 2016.
Unknown Organization
September 18, 2016
•[ hack, ddos, technology ]
Blizzard's Battle.net servers are knocked offline by yet another denial-of-service (DDoS) attack claimed by hacking group PoodleCorp.
Leet
September 10, 2016
•[ hack, technology ]
In August 2016, the service for creating and running Pocket Minecraft edition servers known as Leet was reported as having suffered a data breach that impacted 6 million subscribers. The incident reported by Softpedia had allegedly taken place earlier in the year, although the data set sent to HIBP was dated as recently as early September but contained only 2 million subscribers. The data included usernames, email and IP addresses and SHA512 hashes. A further 3 million accounts were obtained and added to HIBP several days after the initial data was loaded bringing the total to over 5 million.
VoIPTalk
September 9, 2016
•[ hack, technology ]
Telephony provider VolPtalk may have been hit by hackers. The firm discreetly informs customers about a potential data breach and request to reset their passwords as a precautionary measure.
KrebsOnSecurity
September 9, 2016
•[ hack, ddos, technology ]
Security researcher Brian Krebs' website KrebsOnSecurity comes under "heavy and sustainable" attack after two 18 year-old Israeli hackers were arrested over their connection with a DDoS-for-hire service called vDOS.
Unknown Organization
September 9, 2016
•[ hack, technology ]
Popular science website EurekAlert!, which handles embargoed reports on health, medicine, and technology is hacked. The announcement in the website states that usernames and passwords to the service have been compromised. The hacker has also leaked two embargoed reports.
uuu9
September 6, 2016
•[ leak, technology ]
In September 2016, data was allegedly obtained from the Chinese website known as uuu9.com and contained 7.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and user names. Read more about Chinese data breaches in Have I Been Pwned.
