Open Subtitles – 6,783,158 breached accounts
In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost 7M subscribers' personal data including email and IP addresses, usernames, the country of the user and passwords stored as...
Upstox – 111,002 breached accounts
In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive "know...
Aditya Birla Fashion and Retail – 5,470,063 breached accounts
In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next...
FlexBooker – 3,750,176 breached accounts
In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.75 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data....
DatPiff – 7,476,940 breached accounts
In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M...
RedLine Stealer – 441,657 breached accounts
In December 2021, logs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher Bob Diachenko. The data included usernames, email addresses and plain text passwords.
Protemps – 49,591 breached accounts
In October 2021, the Singaporean recruitment website Protemps suffered a data breach that exposed almost 50,000 unique email addresses. The impacted data includes names, email and physical addresses, phone numbers, passport numbers and passwords stored as unsalted MD5 hashes,...
Gravatar – 113,990,759 breached accounts
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . The scraped data included 167 million names, usernames and MD5 hashes of email addresses...
IDC Games – 3,966,871 breached accounts
In March 2021, 4 million records source from IDC Games was shared on a public hacking forum. The data included usernames, email addresses and passwords stored as salted MD5 hashes.
Ducks Unlimited (unverified) – 1,324,364 breached accounts
In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website...
ActMobile (unverified) – 1,583,193 breached accounts
In October 2021, security researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN. The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all...
CoinMarketCap – 3,117,548 breached accounts
During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded on hacking forums. Whilst the email addresses were found to correlate with CoinMarketCap accounts, it's unclear precisely how they...
Thingiverse – 228,102 breached accounts
In October 2021, a database backup taken from the 3D model sharing service Thingiverse began extensively circulating within the hacking community. Dating back to October 2020, the 36GB file contained 228 thousand unique email addresses, mostly alongside comments left...
Playbook – 50,538 breached accounts
In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email...
Fantasy Football Hub – 66,479 breached accounts
In October 2021, the fantasy premier league (soccer) website Fantasy Football Hub suffered a data breach that exposed 66 thousand unique email addresses. The data included names, usernames, IP addresses, transactions and passwords stored as WordPress MD5 hashes.
AT&T announces multi-gigabit fiber: $110 a month for 2Gbps, $180 for 5Gbps
Enlarge (credit: Getty Images | zf L)
AT&T has started offering 2Gbps and 5Gbps symmetrical Internet speeds over its fiber-to-the-home network, the telecom company announced today. The multi-gigabit speeds are...
Registration for the (ISC)² Entry-Level Cybersecurity Certification Exam Pilot Program Is Now Open
New certification validates students' and career changers' foundational skills and helps kickstart their cybersecurity careers.
DC, 3 States Sue Google Saying it Invades Users' Privacy
The District of Columbia and three states are suing Google for allegedly deceiving consumers and invading their privacy by making it nearly impossible for them to stop their location from being tracked.
read more
A flaw in Rust Programming language could allow to delete files and directories
The maintainers of the Rust programming language fixed a high-severity flaw that could allow attackers to delete files and directories from a vulnerable system.
The maintainers of the Rust programming language have released a security update for a high-severity...
Personal identifying information for 1.5 billion users was stolen in 2021, but from where?
Threat intelligence company Black Kite found that the majority of attacks were against healthcare providers, involved ransomware and succeeded thanks to software vulnerabilities.
