Full List

Search

Search Results (technology)

• Brazzers September 5, 2016 • [ leak, misconfiguration, technology ] Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach.
• Digimon September 5, 2016 • [ leak, misconfiguration, technology ] In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance. The service ceased running shortly afterwards and no information remains about the precise nature of it. Based on enquiries made via Twitter, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam. The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.
• ClixSense September 4, 2016 • [ hack, misconfiguration, technology ] In September 2016, the paid-to-click site ClixSense suffered a data breach which exposed 2.4 million subscriber identities. The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records. The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.
• NemoWeb September 4, 2016 • [ leak, misconfiguration, technology ] In September 2016, almost 21GB of data from the French website used for "standardised and decentralized means of exchange for publishing newsgroup articles" NemoWeb was leaked from what appears to have been an unprotected Mongo DB. The data consisted of a large volume of emails sent to the service and included almost 3.5M unique addresses, albeit many of them auto-generated. Multiple attempts were made to contact the operators of NemoWeb but no response was received.
• Variety September 3, 2016 • [ hack, misconfiguration, technology ] Entertainment news site Variety is briefly taken over by the infamous hacker group OurMine. The hacking collective manages to break into Variety's content management system and defaces the site with a post of their own claiming responsibility for the attack.
• Twitter September 3, 2016 • [ hack, misconfiguration, technology ] A group of hackers dubbed Spain Squad claims to have found a way to seize inactive and suspended Twitter accounts, and sells them on the social network.
• Lightspeed September 2, 2016 • [ hack, technology ] Point of sales vendor Lightspeed is breached with password, customer data, and API keys possibly exposed, and notifies customers in an email saying that the information was contained in a compromised database.
• Linode September 2, 2016 • [ hack, ddos, technology ] Linode reports the first of a series of DoS attacks on September 2nd, September 4th and September 5th. Another round will strike the company on Saturday, September 10th. Some of the attacks lasted up to eight hours.
• Last September 1, 2016 • [ hack, technology ] More than 43 million of user records from UK-based music streaming service Last.fm surfaced from a hack that occurred in 2012. Each record reportedly contains a username, email address, hashed password and profile data.
• Transmission BitTorrent Client September 1, 2016 • [ hack, malware, technology ] Developers of the Transmission BitTorrent client admitted that hackers replaced downloads of its file-sharing software with trojanized code. The hack, detected within hours, was designed to spread a Mac OS X backdoor, Kidnap, which steals user credentials.
• NetProspex September 1, 2016 • [ leak, misconfiguration, technology ] In 2016, a list of over 33 million individuals in corporate America sourced from Dun & Bradstreet's NetProspex service was leaked online. D&B believe the targeted marketing data was lost by a customer who purchased it from them. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer.
• PPCGeeks August 19, 2016 • [ hack, sqlinjection, technology ] In August 2016, the pocket PC fan site forum PPCGeeks suffered a data breach that exposed over 490k records. The breach of the vBulletin forum exposed email and IP addresses, usernames, dates of birth and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to "fall1984@protonmail.com".
• Sage Software August 17, 2016 • [ insider, misconfiguration, technology ] A data breach at Sage Software may have compromised personal information for employees at 280 UK businesses. The breach was caused by "unauthorised access" by someone using an "internal" company computer login. The alleged author of the attack, a 32 year-old Sage employee was arrested at Heathrow airport.
• GeekedIn August 15, 2016 • [ leak, misconfiguration, technology ] In August 2016, the technology recruitment site GeekedIn left a MongoDB database exposed and over 8M records were extracted by an unknown third party. The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members' email addresses. Full details on the incident (including how impacted members can see their leaked data) are covered in the blog post on 8 million GitHub profiles were leaked from GeekedIn's MongoDB - here's how to see yours.
• LinkedIn August 11, 2016 • [ hack, misconfiguration, technology ] A new lawsuit reveals that data thieves used a massive botnet against LinkedIn to steal members' personal information via information scraping by fake profiles.
• PAR Technology August 11, 2016 • [ financial, malware, technology ] Forbes reveals that the Carbanak Gang also breached 5 more cash registers providers.
• Epic Games August 11, 2016 • [ hack, sqlinjection, technology ] In August 2016, the Epic Games forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 252k accounts including usernames, email addresses and salted MD5 hashes of passwords.
• MICROS August 8, 2016 • [ financial, malware, technology ] The Carbanak Gang appears to have compromised a customer support portal for companies using Oracle's MICROS point-of-sale credit card payment systems, and used that access to steal administrative credentials and implant malicious code on 700 terminals.
• michaelphelps August 7, 2016 • [ hack, ddos, technology ] New World Hackers claim responsibility for taking down the personal website of Michael Phelps.
• Wishbone (2016) August 7, 2016 • [ hack, social, technology ] In August 2016, the mobile app to "compare anything" known as Wishbone suffered a data breach. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.