Balloon Race: Data Breaches - LATEST
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
ABCDEFGHIJKLMN
1
Entityalternative namerecords lostYEARstorySECTORMETHODinteresting storyDATA SENSITIVITYDISPLAYED RECORDSsource name1st source link2nd source link
2
(use 3m, 4m, 5m or 10m to approximate unknown figures) year story broke1. Just email address/Online information
2 SSN/Personal details
3 Credit card information
4 Health & other personal records
5 Full details
3
WordPress76,500,0002018Aug 2018. According to security researchers, WordPress was notified of a security vulnerability over a year ago, but did not address it. No reports have been received which suggest the exploit is being actively used in the wild.webpoor security1ZDNethttps://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/https://www.zdnet.com/article/wordpress-vulnerability-affects-a-third-of-most-popular-websites-online/
4
Google+52,500,0002018Dec 2018. A new vulnerability could have exposed users' personal details to developers, even if their profiles were set to private. Google will now shut down the consumer version of the social network 4 months earlier than planned. webpoor security2The Vergehttps://www.theverge.com/2018/12/10/18134541/google-plus-privacy-api-data-leak-developers
5
Quora100,000,0002018Dec 2018. Compromised: logins for around 100m visitors who use the site to ask and answer questions about politics, faith, calculus, unrequited love, the meaning of life and morewebhacked1100,000,000NY Timeshttps://www.nytimes.com/2018/12/04/technology/quora-hack-data-breach.html
6
Marriott Hotels500,000,0002018Nov 2018. Sensitive data on customer to all Starwood hotels (including Sheraton, Regis, W Hotels) leaked since 2014. Credit card details and some passport info.retailhacked4500,000,000NY Timeshttps://www.nytimes.com/2018/11/30/business/marriott-data-breach.html
7
NMBSBelgian national railway operator1,460,0002018Dec 2018. Data stored on a non-secure server, making it possible to access names, gender, DOB, email and postal address data of customers externally by means of a simple search engine query. Most of the data belong to customers in Belgium, France and the UK, including thousands of Commission and Parliament employees. Caused, the NMBS said, by a data worker “clicking on the wrong button”.transportoops!2Flanders Todayhttp://www.flanderstoday.eu/business/nmbs-data-leak-was-breach-privacy
8
Facebook50,000,0002018Mar 2018. Cambridge Analytica, headed at the time by Steve Bannon, harvested 50m profiles in early 2014 to build a system that could profile US voters and target them with political adverts. webhackedy150,000,000Guardianhttps://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election?CMP=twt_gu
9
Panerabread37,000,0002018Apr 2018. Customer records were available via the bakery chain's site for at least 8 months. Panerabread were alerted to the leak in Aug 2017, but didn't pull the site until Apr 2018. Panerabread claims 10k records were leaked, but security researchers put the figure at over 37 million. retailpoor security2Krebsonsecurity, Mediumhttps://krebsonsecurity.com/2018/04/panerabread-com-leaks-millions-of-customer-records/https://medium.com/@djhoulihan/no-panera-bread-doesnt-take-security-seriously-bf078027f815
10
Aadhaar1,000,000,0002018Jan 2018. The personal information of more than a billion Indians stored in the world’s largest biometric database can be bought online for less than £6, according to an investigation by an Indian newspaper. The reporter who broke the story has been named in a criminal complaint filed by government agency responsible for the data. governmentoops!3Guardianhttps://www.theguardian.com/world/2018/jan/04/india-national-id-database-data-leak-bought-online-aadhaar
11
Dixons Carphone10,000,0002018Jun 2018. Dixons Carphone revealed personal info for 10 million customers was stolen sometime in 2017. telecomshacked1Dixons Carphonehttps://www.dixonscarphone.com/message
12
MyHeritage92,283,8892018Jun 2018. Email addresses and encrypted passwords were stolen. As yet there is no evidence that the hackers have used the data. webhacked1Bloomberghttps://www.bloomberg.com/news/articles/2018-06-05/hack-of-dna-website-exposes-data-from-92-million-user-accounts
13
Saks and Lord & TaylorBoth owned by Hudson's Bay Company5,000,0002018Apr 2018. A known ring of cybercriminals implanted software into store cash registers, siphoning off payment card details. The company has not divulged the full extent of the breach. Researchers estimate 5m records.retailhacked3NYTimeshttps://www.nytimes.com/2018/04/01/technology/saks-lord-taylor-credit-cards.html
14
CareemDubai-born ride hailing service14,000,0002018Apr 2018. Careem's official blog stated there was no evidence of payment info having been stolen, but it did admit that names, email address, phone numbers, and trip data were hacked. apphacked2Khaleej Timeshttps://www.khaleejtimes.com/nation/dubai//dubais-careem-admits-to-data-breach-of-14-million-users
15
Texas voter records14,800,0002018Aug 2018. A single file containing 14.8 million records was left on an unsecured server without a password. Data exposed included name, address, gender, and voting history. webpoor security2TechCrunchhttps://techcrunch.com/2018/08/23/millions-of-texas-voter-records-exposed-online/
16
British Airways380,0002018Sep 2018. Personal and financial details of customers making bookings between Aug 21st and Sep 5th were compromised. transporthacked4Guardianhttps://www.theguardian.com/business/2018/sep/06/british-airways-customer-data-stolen-from-its-website
17
T-Mobile2,000,0002018Aug 2018. T-Mobile initially said that personal data was stolen, but no passwords or financial info. They later admitted that encrypted passwords had been stolen. telecomshacked1Motherboardhttps://motherboard.vice.com/en_us/article/a3qpk5/t-mobile-hack-data-breach-api-customer-data
18
MyFitnessPalUnderArmour150,000,0002018Mar 2018. Usernames, email addresses, and hashed user passwords were stolen. apphacked1150,000,000Guardianhttps://www.theguardian.com/technology/2018/mar/30/hackers-steal-data-150m-myfitnesspal-app-users-under-armour
19
Health South EastHealth authority responsible for 10 Norwegian counties.3,000,0002018Feb 2018. Health data was stolen from more than half of Norway's population. healthcarehacked4It Governancehttps://www.itgovernance.eu/blog/en/breach-at-norways-largest-healthcare-authority-was-a-disaster-waiting-to-happen
20
NametestsFacebook quiz app owned by Social Sweethearts120,000,0002018Jun 2018. A security failure in a popular quiz app on Facebook left millions of people’s data exposed for almost two years. The data exposed included pictures, status updates, friends lists etc.apppoor security1120,000,000Mediumhttps://medium.com/@intideceukelaire/this-popular-facebook-app-publicly-exposed-your-data-for-years-12483418eff8
21
Ticketmaster40,0002018Jun 2018. Malicious software on third-party customer support product Inbenta Technologies caused the hack, and was likely to have affected UK customers who bought tickets between Feb and June 2018. webhacked3BBC Newshttps://www.bbc.co.uk/news/technology-44628874
22
FirebaseA service from Google100,000,0002018Jun 2018. Thousands of iOS and Android mobile applications are exposing over 113 GBs of data via 2,271+ misconfigured Firebase databases.apppoor security5100,000,000Bleeping Computerhttps://www.bleepingcomputer.com/news/security/thousands-of-apps-leak-sensitive-data-via-misconfigured-firebase-backends/
23
AadhaarIndia's national, biometric government ID database1,100,000,0002018Mar 2018. A security researcher discovered a system vulnerability which means that anybody could download private info on all Aadhaar users. The govt. department that deals with the database has denied the breach. governmentpoor security41,100,000,000ZDNethttp://www.zdnet.com/article/another-data-leak-hits-india-aadhaar-biometric-database/
24
Grindr3,000,0002018Mar 2018. A third-party tool that allows users to see who blocked them on Grindr was able to access non-public personal info, including exact locations of users who had opted out of location sharing. apppoor security3NBC Newshttps://www.nbcnews.com/feature/nbc-out/security-flaws-gay-dating-app-grindr-expose-users-location-data-n858446
25
Orbitz880,0002018Mar 2018. An old version of the travel website was hacked, exposing personal details and payment card info. Orbitz is now owned by Expedia. webhacked3US Newshttps://www.usnews.com/news/business/articles/2018-03-20/orbitz-legacy-travel-booking-platform-likely-hacked
26
MBM CompanyLimogés Jewellery1,300,0002018Mar 2018. Negligent storage of a customer database exposed full postal addresses, email addresses, IP addresses and plain-text passwords. retailpoor security4NextWebhttps://thenextweb.com/security/2018/03/14/jewelry-site-accidentally-leaks-personal-details-plaintext-passwords-1-3m-users/
27
LocalBloxdatasearch service48,000,0002018May 2018. A cloud storage repository was left publically accessible. Data included names, addresses, DOBs, social media info etc. webpoor security2UpGuardhttps://www.upguard.com/breaches/s3-localblox
28
Twitter330,000,0002018May 2018. A glitch caused some passwords to be stored in readable text, visible on the internal computer system. apppoor security1330,000,000Reutershttps://www.reuters.com/article/us-twitter-passwords/twitter-urges-all-users-to-change-passwords-after-glitch-idUSKBN1I42JG
29
ViewFinesSouth African traffic fines database934,0002018May 2018. Data published included names, ID numbers, cell numbers, email addresses and plain text passwords.transportoops!4iAfrikanhttps://www.iafrikan.com/2018/05/23/just-under-1-million-personal-records-of-south-africans-leaked-online/
30
TicketFly27,000,0002018Aug 2018. Names, addresses, email addresses and phone numbers were stolen. webhacked2TicketFlyhttps://support.ticketfly.com/s/article/41507
31
Amazon5,000,0002018Nov 2018. Customer names & email addresses were disclosed on its website. Amazon hasn't confirmed how many records were exposed. retailoops!1Guardianhttps://www.theguardian.com/technology/2018/nov/21/amazon-hit-with-major-data-breach-days-before-black-friday
32
Amazon100,0002018Nov 2018. Customer names and email addresses accidentally disclosed on its website, just two days ahead of Black Friday. No of users affected not released.techpoor security1The Guardianhttps://amp.theguardian.com/technology/2018/nov/21/amazon-hit-with-major-data-breach-days-before-black-friday
33
Urban MassageHome massage app309,0002018Nov 2018. Database contained over 351,000 booking records, and more than 2,000 records on Urban massage therapists, including their names, email addresses and phone numbers.apppoor security2Tech Crunchhttps://techcrunch.com/2018/11/27/urban-massage-data-exposed-customers-creepy-clients/?guccounter=1
34
Dell 100,0002018Nov 2018. Dell detected & disrupted unauthorized activity on its network attempting to extract Dell customer information, which was included names, email addresses & hashed passwordstechhacked1Dellhttps://www.dell.com/learn/us/en/uscorp1/press-releases/2018-11-28-customer-update
35
High Tail Hallerotic role-playing site411,0002018Nov 2018. Hackers were able to obtain email addresses, names, order histories, hashed passwords, & both physical and IP addresses for 411,000 High Tail Hall players.webhacked2Daily Mailhttps://www.dailymail.co.uk/sciencetech/article-6415441/Furry-erotica-site-hit-data-breach-exposed-hundreds-thousands-users-information.html
36
SKY Brasil32,000,0002018Nov 2018. Poorly configured Elastisearch servers exposed customer details including payment methods. telecomspoor security1Bleeping Computerhttps://www.bleepingcomputer.com/news/security/sky-brasil-exposes-32-million-customer-records/
37
Vision DirectUK opticians100,0002018Nov 2018. User numbers not revealed. The attackers made away with personal information, passwords and CVV security codes. retailhacked4It Prohttps://www.itpro.co.uk/data-breaches/32393/attackers-steal-credit-card-details-in-vision-direct-data-breach
38
Healthcare.gov75,0002018Oct 2018. "Sensitive" information on applicants for health insurance was hacked.healthcarehacked4GizModohttps://gizmodo.com/healthcare-gov-portal-suffers-data-breach-trump-offici-1829877392?IR=T
39
CMSCenters for Medicare & Medicaid Services93,6892018Nov 2018. CMS states that no protected health info, banking or tax details were breached, but personal info, insurance, income etc might have been exposed. healthcarehacked2HCA Newshttps://www.hcanews.com/news/update-94k-hit-in-cms-data-breach
40
Facebook29,000,0002018Oct 2018. Malicious third-party scrapers collected profile information from many Facebook users. webhacked2Business Insider, Facebookhttps://www.businessinsider.com.au/facebook-thinks-spammers-responsible-hack-stole-info-from-29-million-users-2018-10?r=US&IR=Thttps://newsroom.fb.com/news/2018/10/update-on-security-issue/
41
Newegg45,000,0002018Sep 2018. Hackers injected 15 lines of card skimming code on the Australian online retailer's payments page which remained for more than a month between Aug 14 and Sep 18. With over 45m monthly visitors, it's unclear how many customers were breached.retailhacked3Slashdothttps://yro.slashdot.org/story/18/09/19/1417242/hackers-stole-customer-credit-cards-in-newegg-data-breach?utm_source=rss1.0mainlinkanon&utm_medium=feed
42
Disqus17,500,0002017Dec 2017. Hackers stole 17.5m email addresses in 2012. About a third of those accounts contained passwords, which were hashed using the dated SHA-1 algorithmwebhacked4ZD Nethttp://www.zdnet.com/article/disqus-confirms-comments-tool-hacked/
43
RootsWeb300,0002017Dec 2017. Ancestry.com's community-driven site RootsWeb was exposed after passwords, email addresses and usernames were leaked from the server. webpoor security4Threat Posthttps://threatpost.com/leaky-rootsweb-server-exposes-some-ancestry-com-user-data/129248/
44
Yahoo32,000,0002017Mar 2017. User accounts have been hacked using forged cookies to log in without a password over a 2 year period.webhacked4CNethttps://www.cnet.com/news/yahoo-says-forged-cookie-attack-accessed-about-32m-accounts/
45
Uber57,000,0002017Nov 2017. Uber paid the hackers $100,000 to delete the stolen data. Chief security officer Joe Sullivan has resigned.apphacked157,000,000Bloomberghttps://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data
46
Wonga270,0002017Apr 2017. Customers from the UK and Poland look to have been affected. financialhacked4The Guardianhttps://www.theguardian.com/business/2017/apr/09/wonga-data-breach-could-affect-250000-uk-customers?CMP=Share_iOSApp_Other
47
Snapchat1,700,0002017Apr 2017. Indian hackers apparently leaked data they stole last year in response to Snapchat CEO allegedly stating they had no plans to expand to 'poor countries' like India. Snapchat have yet to confirm any leak.apphacked1BGRhttp://www.bgr.in/news/indian-hacker-group-leaks-data-of-1-7-million-snapchat-users-after-ceos-poor-country-comments-report/
48
Spambot711,000,0002017Aug 2017. A misconfigured spambot has leaked over 700m records, although many of them are likely to be fake or repeated accounts.webpoor security4The Guardianhttps://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords
49
CEX2,000,0002017Aug 2017. A misconfigured spambot leaked full contact info & financial details, although the newest financial data dates to 2009. retailoops!3The Guardianhttps://www.theguardian.com/technology/2017/aug/30/spambot-leaks-700m-email-addresses-huge-data-breach-passwords
50
Al.type31,000,0002017Dec 2017. The app's developer failed to secure the database server. apppoor security4ZDNethttp://www.zdnet.com/article/popular-virtual-keyboard-leaks-31-million-user-data/
51
Cellebrite3,000,0002017Jan 2017. Cellebrite's main product is a device that rips data from mobile phones. 900GB of data was stolen from Cellebrite. The hackers got hacked. The number of records taken is unknown.
techhackedy2Motherboardhttp://motherboard.vice.com/read/hacker-steals-900-gb-of-cellebrite-data
52
WaterlyApp for paying water bills1,000,0002017Jan 2017. Israel-based app contained a vulnerability in the sign-in process that could potentially expose user account details. The problem was fixed within 2 weeks of being identifiied. apppoor security3Data Breacheshttps://www.databreaches.net/waterly-app-potentially-exposed-up-to-1-million-israelis-details-researcher/
53
Swedish Transport Agency3,000,0002017Jul 2017. Information about all vehicles in the country (including military and police), made available to IT workers who hadn't been through usual security checks. The question of whether or not Sweden's national security was harmed is censored in the Säpo (Sweden's security police) report.governmentpoor securityy5The Localhttps://www.thelocal.se/20170717/swedish-authority-handed-over-keys-to-the-kingdom-in-it-security-slip-up
54
Hong Kong Registration & Electoral Office3,700,0002017Mar 2017. "the personal information of the city’s 3.7 million voters was possibly compromised after the Registration and Electoral Office reported two laptop computers went missing at its backup venue for the chief executive election."governmentlost device 2SCMPhttp://www.scmp.com/news/hong-kong/politics/article/2082566/laptops-containing-37-million-hong-kong-voters-data-stolen
55
River City MediaSpam operator1,370,000,0002017Mar 2017. A dodgy backup has allegedly resulted in over a billion leaked email addresses, plus other personal info in some cases, and has exposed RCM's business plans & operations. weboops!21,370,000,000Guardianhttps://www.theguardian.com/technology/2017/mar/06/email-addresses-spam-leak-river-city-media
56
DaFontFont sharing site700,0002017May 2017. Apparently the hacker found out others were selling the site's database, so he decided to get in on the action himself.webhacked4ZD Nethttp://www.zdnet.com/article/font-sharing-site-dafont-hacked-thousands-of-accounts-stolen/
57
Bell1,900,0002017May 2017. Somebody claiming to be behind the attack has threatened Bell with more leaks if they don't cooporate. telecomshacked1CBChttp://www.cbc.ca/beta/news/technology/bell-data-breach-customer-names-phone-numbers-emails-leak-1.4116608
58
ZomatoRestaurants & events17,000,0002017May 2017. The hacker is selling the stolen dataset for around $1000. webhacked4HackReadhttps://www.hackread.com/zomato-hacked-17-million-accounts-sold-on-dark-web/
59
Imgur1,700,0002017Nov 2017. Imgur are still investigating how the breach took place. The data was stolen in 2014, but Imgur claim they only discovered it in Nov 2017. apphacked4Imgurhttps://blog.imgur.com/2017/11/24/notice-of-data-breach/
60
TIO NetworksOwned by Paypal1,600,0002017Dec 2017. The company has not revealed what type of information was stolen. financialhacked4Bleeping Computerhttps://www.bleepingcomputer.com/news/security/paypal-says-1-6-million-customer-details-stolen-in-breach-at-canadian-subsidiary/
61
Malaysian telcos & MVNOs46,200,0002017Oct 2017. Data from numerous Malaysian telco & MVNO providers, including Celcom, Digi, Umobile, Maxis, Friendi, Merchantrade Asia, Tunetalk, Redtone, XOX, Altel, PLDT & EnablingAsia has been leaked.telecomshacked4LowYathttps://www.lowyat.net/2017/146339/46-2-million-mobile-phone-numbers-leaked-from-2014-data-breach/
62
Malaysian medical practitioners81,3092017Oct 2017. Databases belonging to the Malaysian Medical Council (MMC), the Malaysian Medical Association (MMA), and the Malaysian Dental Association (MDA) have been leaked. The data is from 2014.healthcarehacked4LowYathttps://www.lowyat.net/2017/146339/46-2-million-mobile-phone-numbers-leaked-from-2014-data-breach/
63
Instagram6,000,0002017Sep 2017. A bug exposed user's contact information. Instagram initially said it affected only verified accounts, but has now admitted non-verified users were also affected. Instagram hasn't confirmed numbers, but hackers say they have info from 6m accounts.webhacked1The Vergehttps://www.theverge.com/2017/9/1/16244304/instagram-hack-api-bug-doxagram-selena-gomez
64
Viacom3,000,0002017Sep 2017. A misconfigured Amazon Web Server S3 cloud storage bucket was left wide open and public facing.webhacked4The Hacker Newshttps://thehackernews.com/2017/09/viacom-amazon-server.html
65
Equifax143,000,0002017Sep 2017. If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.financialhackedy4143,000,000UK Govhttps://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
66
SVR TrackingVehicle tracking540,0002017Sep 2017. The leaked passwords were stored using SHA-1, a weak 20yr old hash program.apppoor security4The Hacker Newshttps://thehackernews.com/2017/09/hacker-track-car.html
67
LinkedIn117,000,0002016May 2016. What initially seemed to be a theft of 6.5 million passwords has actually turned out to be a breach of 117 million passwords.webhacked1117,000,000CNNhttp://money.cnn.com/2016/05/19/technology/linkedin-hack/https://money.cnn.com/2012/06/06/technology/linkedin-password-hack/?iid=EL
68
Tumblr65,000,0002016May 2016. Tumblr claimed it just found out about a 2013 data breach, which independent researchers claim affected 65m users. webhacked1Motherboardhttps://motherboard.vice.com/read/hackers-stole-68-million-passwords-from-tumblr-new-analysis-reveals
69
Yahoo500,000,0002016Sep 2016. Happened in 2014, but no. records stolen was originally thought to be much smaller. Yahoo revealed the real numbers in 2016.webhacked2500,000,000Business Insiderhttp://uk.businessinsider.com/yahoo-hack-by-state-sponsored-actor-biggest-of-all-time-2016-9?r=US&IR=T
70
Mossack FonsecaPanamanian law firm 11,500,0002016Apr 2016. 2.6TB of data on politicians, criminals, professional athletes etc leaked from law firm Mossack Fonseca, including emails, contracts, scanned documents, transcripts...legalhackedy5PanamaPapershttp://panamapapers.sueddeutsche.de/articles/56febff0a1bb8d3c3495adf4/
71
Philippines’ Commission on ElectionsCOMELEC55,000,0002016Apr 2016. After a message was posted on the COMELEC website by hackers from Anonymous, warning the government not to mess with the elections, the entire database was stolen and posted online. governmenthacked5Trend Microhttp://blog.trendmicro.com/trendlabs-security-intelligence/55m-registered-voters-risk-philippine-commission-elections-hacked/
72
Syrian government274,4772016Apr 2016. Hacking outfit calling itself 'Cyber Justice Team' leaked 10GB of data from the government and private websites. Seems to be just data from old leaks, though.governmenthacked1Softpediahttp://news.softpedia.com/news/syrian-government-hacked-43-gb-of-data-spilled-online-by-hacktivists-502765.shtml
73
MinecraftLifeboat' community7,000,0002016Apr 2016. Players using the Lifeboat servers have had their email addresses and passwords leaked.gaminghacked1Motherboardhttp://motherboard.vice.com/read/another-day-another-hack-7-million-emails-and-hashed-passwords-for-minecraft
74
Turkish citizenship database49,611,7092016Apr 2016. Turkish citizenship database has allegedly been hacked and leaked online.governmenthacked2Business Insiderhttp://www.businessinsider.com/turkish-citizenship-database-allegedly-hacked-and-leaked-2016-4?r=UK&IR=T
75
Banner Health3,700,0002016Aug 2016. Hackers gained access to payment card data via food outlets at Banner Health locations.healthcarehacked3Healthcare Informaticshttps://www.healthcare-informatics.com/news-item/cybersecurity/breaking-massive-cyber-attack-banner-health-affects-37m-individuals
76
Mail. ruGame-related forums25,000,0002016Aug 2016. Two hackers attacked three game-related forums hosted by Russian company Mail.ru. webhacked2ZD Nethttp://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/
77
Dropbox68,700,0002016Aug 2016. User credentials were stolen in a 2012 hack, but the number affected has only just come to light. webhacked168,700,000The Telegraphhttp://www.telegraph.co.uk/technology/2016/08/31/dropbox-hackers-stole-70-million-passwords-and-email-addresses/
78
PayAsUGym300,0002016Dec 2016. Fitness website hacked & email address published online.webhacked1BBC Newshttp://www.bbc.co.uk/news/technology-38350987
79
Lynda.comowned by LinkedIn9,500,0002016Dec 2016. Hackers breached a database that held records of contact info and courses viewed. No official statement yet on how many records were actually stolen, and no evidence yet of them having been published anywhere.webhacked1Neowinhttps://www.neowin.net/news/microsoft-owned-linkedin-is-sending-emails-to-users-about-a-lyndacom-data-breach
80
Linux Ubuntu forums2,000,0002016Jul 2016. 2 million usernames, email addresses, and IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker. The attacker was able to exploit an SQL injection vulnerability in an add-on used by older vBulletin forum software.webhacked1ZDnethttps://www.zdnet.com/article/ubuntu-forums-hack-exposes-two-million-users/
81
Wendy'sRestaurant chain1,0252016Jul 2016. Malware has been used in 1025 of Wendy's restaurants to steal credit card data from customers. It's currently unknown how many individuals have been impacted.retailhacked3Forbeshttps://www.forbes.com/sites/moneybuilder/2016/07/08/this-week-in-credit-card-news-wendys-data-breach-affects-1000-stores-card-fraud-dropping/#260a2f727bab
82
Clinton campaign5,000,0002016Jul 2016. The computer network used by Democratic presidential candidate Hillary Clinton's campaign was hacked as part of a broad cyber attack on Democratic political organizationsgovernmenthacked2Reutershttp://news.trust.org/item/20160729204542-r98dj
83
uTorrent 35,0002016Jun 2016. It's unclear what data has been breached, exactly, but uTorrent has advised passwords are probably compromised. webhacked1Torrent Freakhttps://torrentfreak.com/utorrent-forums-hacked-passwords-compromised-160608/
84
World CheckRun by Thompson Reuters2,200,0002016Jun 2016. 2014 version of World-Check, a database of suspected terrorists and criminals, leaked online. It's unclear what data the records include.mediapoor security3The Stackhttps://thestack.com/security/2016/06/29/2-million-person-terror-database-leaked-online/
85
Mutuelle Generale de la PoliceFrench police health insurance112,0002016Jun 2016. Files uploaded to Google Drive by a 'malicious' employee. Data included home addresses. The leak came two weeks after a French police officer was murdered by ISIS-inspired attack.healthcareinside job5BBC Newshttp://www.bbc.co.uk/news/world-europe-36645519
86
VKRussia's Facebook100,544,9342016Jun 2016. Over 100m user accounts were hacked and the data put up for sale online. A VK spokesperson has denied that the site was breached, claiming the data for sale is old details no longer in use.webhacked4100,000,000Motherboardhttp://motherboard.vice.com/read/another-day-another-hack-100-million-accounts-for-vk-russias-facebook
87
KM.ru & NivalNews site and email provider/Videogame maker1,500,0002016Mar 2016. A teen hacker has randomly hacked several Russian websites. In a statement, he claims the hack was revenge for the MH17 crash. The companies affected have not commented, however Troy Hunt, a security researcher, has confirmed its legit. Nival and KM.ru were both hacked. webhacked4Motherboardhttps://motherboard.vice.com/en_us/article/pgkp57/a-teen-hacker-is-targeting-russian-sites-as-revenge-for-the-mh17-crash
88
FlingDating site40,000,0002016May 2016. A hacker claims to be selling info on sexual desires & preferences, as well as generic personal info, stolen from the dating site Fling. The data is allegedly from 2011. webhacked4IBTimeshttps://www.ibtimes.co.uk/fling-com-breach-passwords-sexual-preferences-40-million-users-sale-dark-web-1558711
89
MySpace164,000,0002016May 2016. The same hacker who was selling LinkedIn user data now claims to have MySpace user data too, and lots of it. webhacked1164,000,000Motherboardhttp://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breach
90
ThreeThree mobile company in the UK200,0002016Nov 2016. Hackers broke into Three's customer database with the intention of fraudulently ordering handsets to sell on. They stole personal details, but no financial records or passwords were stored on the hacked system. telecomshacked2Threehttp://www.threemediacentre.co.uk/news/2017/handsetfraud-update.aspx
91
Red Cross Blood Service550,0002016Oct 2016. Info leaked includes data about 'at risk sexual behaviours'healthcareoops!4ABC Newshttp://www.abc.net.au/news/2016-10-28/red-cross-blood-service-admits-to-data-breach/7974036
92
Telegram Instant messaging service15,000,0002016Aug 2016. Despite Telegram's claims of super security, they've been hacked by a group called Rocket Kitten. apphacked1Venture Beathttp://venturebeat.com/2016/08/02/hackers-break-into-telegram-revealing-15-million-users-phone-numbers/
93
Dailymotionvideo sharing site85,200,0002016Dec 2016. 85.2m email addresses extracted, but only 18.3m had associated passwords.webhacked1ZDNethttp://www.zdnet.com/article/dailymotion-hack-exposes-millions-of-accounts/
94
Weebly43,000,0002016Oct 2016. Usernames, passwords and IP addresses stolen, although passwords secured with bcrypt. webhacked4Tech Crunchhttps://techcrunch.com/2016/10/20/weebly-hacked-43-million-credentials-stolen/
95
Interpark10,000,0002016July 2016. South Korean police are blaming North Korea for stealing data in an attempt to obtain foreign currency. webhacked2NY timeshttp://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
96
Quest Diagnostics34,0002016Dec 2016. The stolen data contained names, DOBs, lab results and some telephone numbers.healthcarehacked4Newsroomhttp://newsroom.questdiagnostics.com/2016-12-12-Quest-Diagnostics-Provides-Notice-of-Data-Security-Incident#assets_129
97
Friend Finder NetworkParent company of Adult Friend Finder , Cams.com and Penthouse.com412,000,0002016Nov 2016. Usernames, email addresses, passwords for sites including Adult Friend Finder and Penthouse.com. Passwords encrypted, but LeakedSource claims to be able to crack 99% of them.webhacked1412,000,000ZDNethttp://www.zdnet.com/article/adultfriendfinder-network-hack-exposes-secrets-of-412-million-users/
98
BrazzersPorn site790,7242016Sep 2016. 'The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.'webhacked4Motherboardhttp://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hack
99
ClixSense6,600,0002016Sep 2016. The information stolen contains usernames, passwords, home addresses, payment histories, and other banking details.webhacked5Digital trendshttp://www.digitaltrends.com/computing/clixsense-hacked/
100
CarefirstBlue Cross, Blue Shield US medical insurer1,100,0002015May 2015. Evidence suggests the attackers could have potentially acquired member-created user names created by individuals to access CareFirst’s website, as well as members’ names, birth dates, email addresses and subscriber identification number.healthcarehacked1Carefirsthttp://carefirstanswers.com/
Loading...
Main menu