List of data breaches and cyber attacks in September 2018 – 925,633,824 records leaked

It’s time for the month’s list of breaches and cyber attacks, and it’s a big one.

Almost 1 billion records were leaked this month – 925,633,824 to be exact. There were also a few more reported ransomware incidents than normal, some of which saw the victims paying the fine – something most security professionals advise against.

The list tells me one thing: organisations need to get themselves ready for a data breach.

More and more organisations are beginning to do what’s necessary to become #BreachReady, but are you?

As always, if I have missed anything out, please let me know in the comments.

Cyber Attacks and Ransomware

Ransomware Attacks Conway, Companies out Thousands

OKCPS student information system down after ‘denial of service’ attack

Oklahoma man charged, accused of hacking into Guthrie Police Department’s computer system

‘PAY UP’ Arran Brewery blackmailed by hackers as Scottish beer firm becomes latest victim of sophisticated Ransomware attack

Virus shuts down city services in Beatrice, Nebraska

Cyber attack on Italian National Institute for Social Assistance threatens users’ personal data

Keys schools computer system hacked

University Cyber Attacks Down To Students, Staff

Hacker exploits EOS smart contract to steal $200K from gambling app

Fetal Diagnostic Institute of the Pacific notifies 40,800 patients after ransomware attack

Canadian Town Pays Hackers Ransom in Bitcoin (BTC)

Midland servers hacked, attackers demanding ransom

Hoopeston Area School District website hacked, false emergency messages sent out

Data Breach

Chegg resets 40 million user passwords after data breach

NewsNow suffers security breach – passwords should be considered compromised

Cash, hard drive, data stolen from DLF1 office, cops suspect insider

Cyber-attack at fashion website hits 6.4m customers


B.C. privacy officials look into data breach involving bankrupt computer retailer

Chinese police arrest 21 over data theft at Alibaba’s delivery arm: Xinhua

SingHealth data breach reveals several ‘inadequate’ security measures Leaks 14M+ Records

Broadcaster ABS-CBN customer data stolen, sent to Russian servers

Another security breach at Grindr reveals users’ exact location

State Department email breach exposed employees’ personal information

Hackers selling research phished from universities on WhatsApp

Perth Mint data breach bigger than thought

Data of almost 3,000 patients experiencing emergency symptoms exposed online by MedCall Advisors

Guardant Exposed to Cybersecurity Threat from Phishing Scheme

Hundreds of federal civil servants lose personal information in data breach

Files With 42 Million Emails and Passwords Found On Free Hosting Service

Blue Cross blames vendor for breach of customer information in R.I.

Brief: UofL Faculty and Staff Facing Data Breach

Npower warns of breach that exposed personal details of 5,000 customers

Children’s centre lost paperwork and mixed-up records

Cloud data management firm Veeam exposes 200GB of data on AWS instance

Files containing patient info left unsecured at TMC HealthCare property

Karnataka’s famed land record database Bhoomi faces another security breach

More than 5,000 affected by Park by Phone data breach

Westpac employee gave customer passwords to mortgage broker in serious data breach

Gang of hackers seizes WhatsApp accounts of Karachi users

TV Licencing urges tens of thousands of Scottish customers to check bank statements after data security breach

Click2Gov Payment System Security Breach

BA Apologizes After 380,000 Customers Hit in Cyber Attack

Crypto Exchange Kraken Denies Rumor of Office Closure, Security Breach

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Personal info for 2,000 DC students mistakenly posted online

Brazilian credit bureau investigates potential data leak

Government transparency site revealed Social Security numbers, other personal info

C&A suffers data leak in Brazil

Hundreds of private medical documents scattered on Albuquerque street

Financial Information

DoorDash customers say their accounts have been hacked

Aspire Health hacked by phishing scheme, lost ‘protected health information’

Hackers stole customer credit cards in Newegg data breach

Independence Blue Cross and subsidiaries notifying members whose PHI was mistakenly exposed on public web site

Gang crime spree targeted credit card machines, patient records in medical offices, attorney general says


Banks Turn to the Courts for Data Breach Claims

Healthcare in the Cross Hairs: Insider Threat

ProtonVPN, NordVPN Patch Windows Bug

Latvenergo asks authorities to look into possible data leak

Public IP Addresses of Tor Sites Exposed via SSL Certificates



  1. Rudi Ferreira 30th September 2018
  2. Ira 2nd October 2018