"The company will contact 130,000 customers to advise them to reset their modems, and have said that at least 2,000 devices were breached. "
"Over 85 million Dailymotion users' email addresses, usernames and passwords have reportedly been hacked by an unknown hacker. Dailymotion is like France's YouTube."
"Anyone who purchased food, drink, or other merchandise at the company’s properties between Nov. 9, 2015 and Oct. 24, 2016 may have had their payment card information filched."
"Michigan State University has experienced a data breach, which it said took place on November 13th. Their database includes 400,000 people's information."
"Two separate data incidents, one of which exposed the personal information of more than 425,000 public housing residents."
"1.3 million Red Cross blood donors were leaked online in the form of a single database file. 550,000 of the donors were identified as unique."
"Web hosting service Weebly has confirmed a major data breach from February 2016 that affected 43.4 million users."
"Allegedly, a hacker scanning for unsecured databases was able to compromise at least 58.8 million records, possibly as many as 258 million."
"More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin. The hackers who dumped the data has put another 4.4 Million accounts up for sale."
"Credit and debit cards used at 350+ North American stores during the first six months of 2016 may have been compromised."
"For each user, the data included a username, a hashed password, the registration and last login dates, and a user ID. For the vast majority of users, but not for all, there was also an email address associated with their account."
"Personal information of patients was left exposed on the internet for four days."
"The company said it detected and then quickly blocked an attack last week, but some data, including some sync users’ passwords and account information, such as login names, may have been compromised.”
"Confirmed that a hacker had gained access to our electronic medical records system earlier in the month, using the log-in credentials of a third-party vendor."
"A known vulnerability found in older vBulletin discussion board software program, which powers the site’s community, allowed the hacker to gain access to the databases."
"The breach was a result of known SQL injection vulnerability in the Forumrunner add-on on the forum, which Canonical had neglected to patch."
"2012 Data breach finally comes to public light 4 years after the fact."
"Warframe is available on PC, Playstation 4 and Xbox One, and is consistently in thetop 20 played games on Steam. Company confirmed that a list of 775,749 email addresses was acquired through a Drupal SQL exploit."
"User accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth."
"Although the company is no longer around, the data dump included 51 million username/password combos, reconfirming the need for unique and strong passwords."
"Stolen database contains close to 45 million records from 1,100 websites and forums."
"More than 36 million accounts/records of internal data from several vulnerable networks."
"Tens of millions of user accounts from virtual pets community Neopets have allegedly been hacked and traded on the criminal underground."
"Thieves were able to access W-2 data merely by entering at Equifax’s portal the employee’s default PIN code, exposing 431,000 Kroger employees."
"A hacker is trying to sell the account information, including emails and passwords, of 117 million LinkedIn users. The hacker, who goes by the name “Peace,” told Motherboard that the data was stolen during the LinkedIn breach of 2012."
"Myspace may no longer be “hip,” but this hacker thinks your stolen account data is still worth something online. A hacker known as Peace is trying to sell the passwords and emails of 360 million Myspace users for six bitcoin."
"Up to 320,000 Time Warner Cable customers may have had their email passwords stolen resulting from a variety of hacking methods, company officials confirmed."
"Domain registrar and web hosting firm Web.com said on Tuesday that hackers made away with credit card and personal information of roughly 93,000 of its customers after breaching a server operated by the company. Web.com said that it discovered the breach of one of its computer systems on August 13, 2015 through its ongoing security monitoring."
Background check provider, SterlingBackcheck, recently began notifying 100,000 people that their names, birthdates and Social Security numbers may have been exposed when an unencrypted laptop was stolen from an employee's car on May 29, 2015, CBS46 News reports.
"The Internal Revenue Service (IRS) disclosed today that identity thieves abused a feature on the agency’s Web site to pull sensitive data on more than 330,000 potential victims as part of a scheme to file fraudulent tax refund requests. The new figure is far larger than the number of Americans the IRS said were potentially impacted when it first acknowledged the vulnerability in May 2015."
"Up to 2.4m Carphone Warehouse customers may have had their personal information and bank details compromised, after the mobile phone retailer said its systems had been breached by a sophisticated cyber attack. The attack hit the division of Carphone Warehouse that operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk, and provides services to TalkTalk Mobile among others. As many as 90,000 customers may also have had their encrypted credit card details accessed by the hackers."
Large caches of data stolen from online cheating site AshleyMadison.com have been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information.
"Customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised,” CVS said in a statement that replaced the photo website’s normal homepage content. “As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services." *Same message appears on Costco & Rite Aid's websites.
The information compromised included names, dates of birth, Social Security numbers, Medicare and health plan identification numbers, patient diagnosis and procedures. It has been reported that UCLA did not take basic steps to encrypt the patient data.
A massive cyber breach at the Office of Personnel Management may have exposed the personal and financial information of 21.5 million employees (or more), putting their credit and finances at risk.
While there’s no concrete evidence that the payments information attached to the accounts were compromised, the online dating site Adult FriendFinder admitted that its database was breached — impacting an estimated 4 million members, according to multiple media reports. However, the scope of the breach hasn’t been fully discovered.
Attackers gained access to names, birth dates, email addresses and insurance identification numbers. The company said the database did not include Social Security or credit card numbers, passwords or medical information. Nevertheless, CareFirst is offering credit monitoring and identity theft protection for two years.
“This criminal attack was limited to credit or debit card transactions between September 3rd, 2014 and April 2nd, 2015 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon.”
Criminals are using Starbucks accounts to access consumers’ linked credit cards. Taking advantage of the Starbucks auto-reload function, they can steal hundreds of dollars in a matter of minutes. Because the crime is so simple, it can escalate quickly, and the consumer protections controlling the transaction are unclear. Starbucks denied the unauthorized activity was the result of a hack or intrusion into its servers or mobile applications.
Criminals used malware that is believed to have been effectively deployed on some of its point-of-sale systems at varying times between March 6th and April 17th, 2015. Accordingly, the payment card information of customers that used cards at affected U.S. Sally Beauty stores during this time may have been put at risk.
Premera Blue Cross said it was hacked and now the private medical and financial data of up to 11 million customers may be exposed. The hackers were actually able to break into customers’ claims and view banking account numbers, Social Security numbers and birth dates, as well as sensitive clinical information.
One of the third-party vendors Sacred Heart Health System uses for its billing operations was recently hacked, compromising the health information of about 14,000 patients. Hackers used a phishing attack to gain access to the email account of an employee of the billing vendor. They were able to access patients’ names, dates of service, dates of birth, diagnoses and procedures, total charges, and physicians’ names. About 40 of the patients also had their Social Security numbers compromised.
Indiana-based SRI Incorporated – which conducts tax sales, deed sales and foreclosure sales relating to the recoupment of delinquent tax for local governments – is notifying roughly 9,000 individuals that their personal information may be at risk.
The HMSA website says users who received services from Anthem over the last 10 years could have had their information accessed. The information that may have been compromised includes names, dates of birth, cities of residence, and part of the membership number.
Anthem has updated the total, with non-customers included, and the amount of those affected could reach as high as 98.6 million. Uncertainty in the total is because 14 million of the records are incomplete, making it difficult for Anthem to link all of its members to the correct plans.
Financial services firm Morgan Stanley publicly admitted on Jan. 5 2015 that it was the victim of an insider data breach.
The USPS is victim of a cyber attack with Chinese hackers being suspected. Currently the FBI is investigating the breach and it appears that information obtained included names, dates of birth, Social Security numbers, addresses, and dates of employment. According to officials, all postal service employees were affected and they are not yet clear why their information was of interest to these hackers. They are not seeing any evidence of customer information being compromised.
Global threads bazaar AliExpress, an offshoot of global bazaar AliBaba, has patched a URL flaw that allowed attackers to harvest users’ personal details including names, shipping addresses and phone numbers. The insecure direct object reference vulnerability, reported by an unnamed researcher, affected 7.7 million logged-in users for AliExpress, the online retail wing of AliBaba that’s the most visited e-commerce site in Russia.
The Federal Communications Commission (FCC) recently announced that AT&T has agreed to pay a $25 million fine for privacy violations related to a 2014 data breach that exposed almost 280,000 customers' names, full or partial Social Security numbers, and account-related data, including customer proprietary network information (CPNI).
Uber said that on September 17, 2014, it discovered one of its databases could potentially have been accessed by a third party. After subsequent investigation, it learned that a one-time unauthorized access to an Uber database by a third-party occurred on May 13, 2014, & that the information of nearly 50,000 individuals (primarily taxi drivers employed by Uber) was compromised. The company disclosed that the files which were accessed only contained the names & driver’s license numbers of certain drivers.
Around 48 million Xbox subscribers were interrupted from their gaming. The motive of this hack is unclear.
Five Sony films, an early version of a script for the next James Bond movie, Spectre, Brad Pitt's Fury, and a whole host of Sony's private company information has apparently been exposed to the public, including bosses' salaries and employees' social security information.
The Texas Health and Human Services department discovered a data breach, it appears by "chance", after terminating their relationship with Xerox Corporation. The information includes "Medicaid clients' names, birthdates, Medicaid numbers, and medical and billing records related to care provided through Medicaid, such as reports, diagnosis codes and photographs."
Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms. The data was stolen by a computer contractor working for a company called the Korea Credit Bureau that produces credit scores. Approximately 104 million credit card accounts were compromised following breaches at three credit card firms in South Korea. Originally, the BBC reported the breaches had affected 20 million cards.
"Staples that the investigation revealed that the hackers used malware that provided access to information for transactions at 115 of its stores. The hackers stole cardholder names, payment card numbers, expiration dates and card verification codes. The company is offering free identity theft protection services."
According to documents posted by financial news service Credit.com, the company has notified its customers that a pair of CDs containing the names, addresses, social security numbers and account numbers for users had gone missing.
After reviewing 1.9 million records for people who have registered with the WorkSource Oregon Management Information System(WOMIS), state officials say they've identified 851,322 people whose information may have been compromised.
One financial institution that received an alert about a breach, said the bank had nearly 9,000 customer cards listed in that alert, and that the only common point-of-purchase were Chick-fil-A locations.
A 31yo was recently booked by the police for infiltrating the accounts of 25 million people on Naver, S. Korea's largest Web portal. According to the National Police Agency, the suspect, surnamed Seo, purchased the private information of 25 million people. Seo then used the data, which included the names, residential numbers, Internet IDs and passwords, to hack into Naver accounts. He sent spam messages and other illicit emails to the Naver account holders to rake in illegal profit of some 160 million won ($148,000).
Some reports suggests that credit and debit card information was not involved, that the hackers instead stole personal data such as addresses and phone numbers.
The New York Times reported that and 7 million small businesses were involved.
The company explained the incident this way: “An intruder stole log-in credentials from Jimmy John’s point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchised locations.
The national, charitable resale organization announced in early September that card information at approximately 330 stores had been compromised.
About 56 million card records were hacked in this attack that is said to revolve around malware that was installed on cash register systems.
The origin of the breach comes from hackers compromising a small number of employee login credentials, which gave access to eBay’s corporate network.
In March, the Texas-based beauty chain said it had been hacked by the same gang that hacked Target.
Education services provider Benesse Corp. said personal data on 22.6 million customers were stored on a smartphone owned by the Tokyo systems engineer under arrest on suspicion of theft and illegal copying of customer data. While announcing the figure Monday, Benesse, a subsidiary of Benesse Holdings Inc., said the stolen information — the worst data leak in Japan’s history — also included customer data on its group firms’ online-shopping website Benesse Life Smile Shop & message board website Benesse Women’s Park.
Hundreds of passwords to Dropbox accounts have been leaked in the latest security breach, with hackers threatening to release millions more account details in exchange for Bitcoin.
The ice cream chain said the breach affected 395 of its over 4,500 locations in the United States. The hacked information contained the names and credit card information of past customers.
According to a CHS SEC filing describing the breach, the hack likely originated from China and focused on valuable non-clinical, non-medical data, such as “patient names, addresses, birthdates, telephone numbers and Social Security numbers."
The company, in a statement, said, “We do know, and our forensic reports have confirmed, that malicious software (malware) was clandestinely installed on our system and that it attempted to collect or ‘scrape’ payment card data from July 16, 2013 to Oct. 30, 2013.”
Information was accessed through a single server by hackers from China and other locations. The server contained employee and patient data for St. Joseph Regional Health Center in Bryan, Burleson St. Joseph Center, Madison St. Joseph Health Center, Grimes St. Joseph Health Center and St. Joseph Rehabilitation Center. The breach supposedly occurred between December 16 through the 18th, 2013. The data included patient names, birth dates, Social Security numbers, and possibly addresses. Medical information for patients was accessible, as well as bank information for current and former employees. Both adult and minor information may have been compromised.
German authorities recently confirmed that they're investigating the theft of around 18 million e-mail account passwords, affecting all major German Internet service providers
Business social network LinkedIn and online dating service eHarmony said Wednesday that some of their users' passwords were stolen and millions appear to have been leaked onto the Internet.
Thanks to a gap in the service's security, the phone numbers and usernames have been downloaded by a Web site calling itself SnapchatDB.info. The compromised accounts are concentrated mostly in California and New York, with the two states accounting for nearly 2.3 million accounts. Other regions affected include Illinois, Colorado and Florida.
Around 70 million holiday shoppers had their card data compromised late last year in the breach at Target, the incident that kicked off the current wave of big breaches.
Sometime between November 1 and 3, two unencrypted laptops were stolen from employee workstations. The laptops were password-protected and cable-locked to the workstations. Names, Social Security numbers, addresses, dates of birth, Horizon Blue Cross Blue Shield New Jersey identification numbers, and demographic information may have been exposed.
An unspecified data breach may have exposed the information of current and former students, employees, and vendors. Names, Social Security numbers, bank account information, and dates of birth may have been viewed by unauthorized parties.
Hackers stole and stored information online related to customers who used limousine and other ground transportation. The online information included plain text archives of credit card numbers, expiration dates, names, and addresses. Many of the customers were wealthy and used credit cards that would be attractive to identity thieves.
According to the company, only card numbers and expiration dates appear to have been exposed, not the cardholder's name, address or identifying information.
Adobe said hackers had stolen encrypted customer credit card records, as well as login data for an undetermined number of Adobe user accounts.
Hackers were able to access Zappos customer's names, e-mail addresses, addresses, phone numbers, the last four digits of credit card numbers and cryptically scrambled passwords.
Online gaming platform experienced a massive data breach that exposed the names, addresses and other personal information of 77 million users.