The first list of 2018 is by no means a short one. In fact, this is one of the longest lists that I’ve ever put together. Thankfully, the total number of leaked records is far lower than previous months. Yay?
I count this month’s total to be 7,073,069. If I have missed anything, please do let me know.
The list is likely to grow over the next few days – so be sure to come back daily and check. If you’d like a more regular update of breaches and cyber attacks, I strongly suggest subscribing to our Daily Sentinel.
Cyber attacks & ransomware
Official phpBB Download Links Were Compromised Yesterday
Allscripts Acknowledges Ransomware Attack, Says Impact is “Limited”
Metrolinx claims computers hit by North Korean cyberattack
Idaho school works to recover data weeks after cyberattack
City of Farmington recovering after SamSam ransomware attack
A second Indiana hospital reports ransomware attack
Student hacks into school’s computer system
Emotet malware compromised Rockingham County Schools servers after employees opened phishing emails
Hospital pays $55,000 ransom; no patient data stolen
Anonymous Hacks Italian Speed Camera Database
Two Hong Kong travel agencies apologise as hackers demand payment for stolen customer data
Data breaches
Ontario Progressive Conservative Party database hacked
University of Baltimore adds safeguards to student data long left exposed
Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive
Kris Kobach’s Office Leaks Last 4 Social Security Digits of Nearly Every Kansas Lawmaker
Email gaffe by Coventry University staff exposed 1,930 students’ details
Major data breach at University of Windsor law school
Police probing Bell Canada data breach; up to 100,000 customers affected
Data of over 220,000 organ pledgers leaked online
Withybush Hospital bosses apologize, launch investigation into insider snooping into patient records
MDE says Tupelo schools impacted by data breach
Private info for hundreds of Kansas voters exposed by Florida
Corovan Corporation & Employer Leasing notifying 1,500 California residents of data breach
Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web
Dark family secrets: Anonymous letter uncovers child welfare records
ICO investigates Age UK after two data breaches
Florida Department of State notifies 945 of breach involving the last four digits of their SSN
Mississippi student data accessed in testing-vendor breach
MailChimp Found Leaking Email Addresses
‘Professional’ hack on Norwegian health authority compromises data of three million patients
China’s cyber watchdog scolds Ant Financial over user privacy breach
Security flaw in virtual reality porn app SinVR exposes personal info of 20,000 users
Council in huge care data breach
Onco360 and CareMed Specialty Pharmacy Patients Notified of Data Security Incident
Oklahoma State University Center for Health Sciences notifying 280,000 Medicaid patients after hack
Hundreds left vulnerable to hackers after Johnson and Johnson data blunder
Dog-Walking App Exposed Home Addresses and Lockbox Codes
2,551 people affected by Guelph privacy breach
Framingham radiology lab loses medical records of 9,300 people
Florida officials: Hack exposed 30K Medicaid patients’ files
Financial information
Cryptocurrency exchange Coincheck loses ¥58 billion in hacking attack
Maserati-driving postal worker stole dozens of credit cards
Greenbay employees have bank accounts raided after unpatched server hacked
National Stores, Inc. notifies customers that malware may have compromised payment cards
OnePlus Disables Credit Card Processing After Customers Report Fraudulent Activity
Online Shop Can’t Determine Card Breach Severity Due To “Lack of Backups”
27,000 UnEncrypted Credit Cards left in shared Database by Thefly.com
Jason’s Deli suffers POS breach affecting 2 million customers
Other
Infant Social Security numbers are for sale on the dark web
Reddit rolls out 2FA to all its users
Keylogger found on thousands of WordPress-based sites, stealing every keypress as you type
Jail for man who hacked 1000 student email accounts in search for sexually explicit images
When will the 2016 list be completed?
The list was published last year – https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-2016-1-6-billion-records-leaked/
Thanks!
December says “to be updated”
Ah, yes – you’re right. I’ve now added the total!
Thanks