Tuesday, December 11, 2018
Have I Been Pwned

Bombuj.eu – 575,437 breached accounts

In December 2018, the Slovak website for watching movies online for free Bombuj.eu suffered a data breach. The incident exposed over 575k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Bombuj.eu when...
Have I Been Pwned

Hub4Tech – 36,916 breached accounts

On an unknown date in approximately 2017, the Indian training and assessment service known as Hub4Tech suffered a data breach via a SQL injection attack. The incident exposed almost 37k unique email addresses and passwords stored as unsalted MD5...
Have I Been Pwned

You’ve Been Scraped – 66,147,869 breached accounts

In October and November 2018, security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator. Containing a total of over 66M records, the owner of the data couldn't be identified but it...
Have I Been Pwned

AerServ – 66,308 breached accounts

In April 2018, the ad management platform known as AerServ suffered a data breach. Acquired by InMobi earlier in the year, the AerServ breach impacted over 66k unique email addresses and also included contact information and passwords stored as...
Have I Been Pwned

ForumCommunity – 776,648 breached accounts

In approximately mid-2016, the Italian-based service for creating forums known as ForumCommunity suffered a data breach. The incident impacted over 776k unique email addresses along with usernames and unsalted MD5 password hashes. No response was received from ForumCommunity when...
Have I Been Pwned

Technic – 265,410 breached accounts

In November 2018, the Minecraft modpack platform known as Technic suffered a data breach. Technic promptly disclosed the breach and advised that the impacted data included over 265k unique users' email and IP addresses, chat logs, private messages and...
Have I Been Pwned

Data & Leads – 44,320,330 breached accounts

In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator. Upon further investigation, the data was linked to marketing company Data & Leads. The exposed Elasticsearch instance contained over 44M...
Have I Been Pwned

Adapt – 9,363,740 breached accounts

In November 2018, security researcher Bob Diachenko identified an unprotected database hosted by data aggregator "Adapt". A provider of "Fresh Quality Contacts", the service exposed over 9.3M unique records of individuals and employer information including their names, employers, job...
Have I Been Pwned

Elasticsearch Sales Leads – 5,788,169 breached accounts

In October 2018, security researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained...
Have I Been Pwned

KnownCircle – 1,957,600 breached accounts

In approximately April 2016, the "marketing automation for agents and professional service providers" company KnownCircle had a large volume of data obtained by an external party. The data belonging to the now defunct service appeared in JSON format and...
Have I Been Pwned

Rbx.Rocks – 24,990 breached accounts

In August 2018, the Roblox trading site Rbx.Rocks suffered a data breach. The personal data of almost 25k people was impacted by the breach and included names, email addresses and passwords stored as bcrypt hashes. The website has since...
Have I Been Pwned

Società Italiana degli Autori ed Editori – 14,609 breached accounts

In November 2018, the Società Italiana degli Autori ed Editori (Italian Society of Authors and Publishers, or SIAE) was hacked, defaced and almost 4GB of data leaked publicly via Twitter. The data included over 14k registered users' names, email...
Have I Been Pwned

WPSandbox – 858 breached accounts

In November 2018, the WordPress sandboxing service that allows people to create temporary websites WP Sandbox discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP...
Have I Been Pwned

JoomlArt – 22,477 breached accounts

In January 2018, the Joomla template website JoomlArt inadvertantly exposed more than 22k unique customer records in a Jira ticket. The exposed data was from iJoomla and JomSocial, both services that JoomlArt acquired the previous year. The data included...
Have I Been Pwned

Mac Forums – 326,714 breached accounts

In July 2016, the self-proclaimed "Ultimate Source For Your Mac" website Mac Forums suffered a data breach. The vBulletin-based system exposed over 326k usernames, email and IP addresses, dates of birth and passwords stored as salted MD5 hashes. Mac...
Computerworld

And that was actually the CLEAN version!

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there."It was part of an email security product," fish says. "The filter could identify emails containing...

Review: How StackRox protects containers

With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...

Dark web goldmine busted by Europol

What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.
Security Affairs

Google will shut down consumer version of Google+ earlier due to a bug

Google announced it will close the consumer version of Google+ before than originally planned due to the discovery of a new security flaw. Google will close the consumer version of Google+ in April, four months earlier than planned. According to G...

Teen SWATter who had 400 schools evacuated lands 3 years in jail

George Duke-Cohan is the British teen who posed as a worried father whose daughter had called him mid-flight during a hijacking.