I’ve been kept busy this month – too busy for me to keep a close eye on the month’s data breaches and cyber attacks. But as I prepared this list, I realised how bad October has been.
A story I want to emphasise is the breach at a London-based plastic surgery firm. A well-known “hacking gang” stole photographs and a list of patients, and has threatened to release them. This is obviously worrying for the firm and its patients (which may include members of the royal family), and it demonstrates how little remorse some cyber criminals have.
So, numbers: by my count there were 55,488,818 leaked records in October. But, as always, let me know if I’ve missed anything.
Cyber attack & ransomware
Hacker Wants $50K From Hacker Forum or He’ll Share Stolen Database With the Feds
BadRabbit ransomware attacks multiple media outlets
FirstHealth Computer Network Threatened by Malware Virus
IFHS Investigates Cybersecurity Breach Of Clinic’s Computer System
Security breach reported at Ashland clinic
Forrester Announces Cybersecurity Incident Involving Forrester.com
Gaming Service Goes Down After Hacker Wipes Database and Holds It for Ransom
PornHub visitors hit with malware attack via poisoned ads
Data breach
Terror threat as unencrypted Heathrow Airport security files found dumped in the street
T-Mobile Alerted ‘A Few Hundred Customers’ Targeted By Hackers
Catholic Charities’ server hacked, possibly as early as 2015
Student information leaked from Creighton University Trio program
Patients of marijuana dispensary upset after personal information shared in email
Super-rich fear their financial details will be exposed following Bermuda cyber hack
Cosmetics Brand Tarte Exposed Personal Information About Nearly 2 Million Customers
Confidential child protection documents found ‘blowing around’ in a Leicester street
Carolina Oncology Specialists notifies 1,551 patients of possible breach
Computer file stolen in Oklahoma could put Spokane veterans at risk for identity theft
Austin Manual Therapy Associates patient data hacked
Action taken following major breach of personal health records at QEH
Data breach exposes millions of South Africans’ personal records
RiverMend Health notifies 1,300 after employee’s email account compromised
Chase Brexton Health Care notifies more than 16,000 patients after phishing incident
Thieves steal Bassett facility’s patient information
Data breach at Arden Hills-based Catholic financial services provider affects nearly 130K accounts
We Heart It says a data breach affected over 8 million accounts, included emails and passwords
Advanced Spine & Pain Center Notifies 8,362 Patients After Two Possibly Unrelated Incidents
Equifax: Umm, actually hackers stole records of 15.2 million Brits, not 400,000
Accenture left a huge trove of highly sensitive data on exposed servers
City of Calgary embroiled in privacy breach class-action lawsuit
Cabrillo College issues notice of data breach to 28,000 students
District investigating data breach at Palo Alto High School
Private data of more than 1,100 NFL players, agents exposed
Graton casino ‘data breach’ potentially reveals some patrons’ Social Security numbers
Hackers hit plastic surgery, threaten to release patient list and photographs
Financial information
Personal information possibly compromised for people paying fines, fees to Midland County
South Korean Gov’t Investigating Bithumb Security Breach, World’s Largest Cryptocurrency Exchange
Pizza Hut was hacked, company says
Hyatt Hotels Suffers 2nd Card Breach in 2 Years
Hackers steal $60 million from Taiwanese bank using bespoke malware
Sonic publicly confirms payment card breach at drive-in locations
Fighting back against cyber crime
Third Defendant Charged in iCloud “Celebgate” Scandal That Leaked Private Photos of Hollywood Stars
Other
T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number
Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies
Thanks for the updates Lewis
Thanks for the updates Lewis