List of data breaches and cyber attacks in December 2017 – 33.8 million records leaked

It’s a great pleasure to finish the year with the last list of data breaches and cyber attacks of 2017. This year has certainly been an eye-opener for me in regards to just how poorly organisations can handle data.

Four years have passed since I started compiling these monthly lists, and while there have been many developments in data protection and privacy in that time, nothing has introduced such significant change as the EU GDPR.

I close 2017 with the hope that the introduction of the EU GDPR will encourage organisations to better protect the data they hold, and to give it the respect it requires.

Data protection is more than just protecting data from the unauthorised: it’s about ensuring it’s used for the sole purpose it was collected, and respecting the privacy of those whose data it is.

Privacy is not something that we’re merely entitled to, it’s an absolute right.

Cyber attack and ransomware

Attackers claim to have hacked MEDHOST

FBI investigates cyberterrorist attack on Stanislaus County network

Proctor schools hit by ransomware attack

Top Security Firm Admits to MitM Security Incident

Jerome School District falls victim to ransomware

National Capital Poison Center discloses ransomware incident

After computer hack, Nashotah pays $2K ransom for residents’ personal information

Mad River Twp. Fire and EMS data hacked, encrypted with ransomware

Mecklenburg Co. leaders release ransom email from hackers

Former Sysadmin Caught Hacking His Ex-Employer by His Replacement

Data breach

Nissan Canada data breach may have exposed 1.1M finance customers’ information

MidMichigan notifies patients of potential breach

Chilton Medical Center hard drive containing protected health information was sold online

NYU Langone Health Notifies Patients of Improperly Disposed Binder Containing Patient Information

Home Economics: How Life in 123 Million American Households Was Exposed Online

Former hotel clerk arrested for profiting from guests’ info

Lincoln Nonprofit’s Laptop Containing Vital Information Stolen in Car Break-In

LSU issues notifications regarding stolen laptop

Austin Manual Therapy notifies 1,750 patients of data breach

Washington Health System Greene notifies 4,145 patients after hard drive with PHI was discovered stolen

Franciscan Physician Network of Illinois and Specialty Physicians of Illinois notify patients of payment records lost or stolen from storage facility

Hackers may have stolen the personal data of 80,000 people associated with Osaka University

eBay Privacy Breach Exposes Customer Names on Google

Cape students affected by data breach

Clarion U. students notified after employees fall for phishing attack

Glens Falls Hospital workers’ Social Security numbers released in internal email

24,000 UNC Health Care patients affected by potential security breach

Sinai Health System announces data breach but says risk to patients low

oBike reviewing app security after international user data leak

Henry Ford Health System Warns 18,470 Patients Of Data Breach

Real Time Health Quotes leak affected health insurance applicants

July Systems data leak: Massive trove of sensitive information exposed online via unsecured database

Baptist Health Louisville notifies 880 patients after phishing incident

A popular virtual keyboard app leaks 31 million users’ personal data

Former employee reportedly steals mental health data on 28,434 Bexar County patients

Data security breach at Rutgers leaves the information of 1,700 students unprotected

Financial information

Text alert: the ‘bank’ message that cost a student £5,400 of her loan money

Basic training in avoiding phishing is no longer sufficient

Thieves stole potentially millions of dollars in bitcoin in a hacking attack on a cryptocurrency company

PayPal Admits Acquired Company Suffered Major Breach

‘Cyber heist’: 600 bank accounts hacked for Rs 10million

Compromised payroll documents contained personal info of current, former Humboldt County staff, dependents


U.S. claims North Korea was responsible for WannaCry

Fighting back against cyber crime

Romania arrests five suspected members of major ransomware gang

Former nurse sentenced for cyber stalking campaign

Chicago Man Charged With Hacking Company’s Servers After Termination

Hacker got details of 165,000 people from sites including Uber and Groupon

One Response

  1. Huet Bartels 2nd January 2018