Data Breaches - 9/12 - 9/23 - 2016
Accounts for 6.6 Million ClixSense Users Have Been Breached (09/14/2016)
ClixSense, an online company that pays individuals to view ads, has been hacked and the attacker gained access to a database server to swipe details including account names and user balances. The company issued a statement to tell users that it was able to restore user accounts, the forum, and some account names. ClixSense owner Jim Grago told Ars Technica that the stolen database contained information for 6.6 million accounts and once hacked, the ClixSense site was redirecting visitors to a gay porn site.
Data Breach Possibly Connected to Payment Processor BlueSnap (09/14/2016)
Security researcher Troy Hunt has reported that 324,000 records containing names, physical addresses, email addresses, CVV codes, and the last four digits for credit cards have been dumped onto Twitter. Hunt said that the breached info potentially came from BlueSnap, a payment processor, since coding in the file pointed at that company, but BlueSnap has denied this development.
Russian Attackers Hack and Release Olympians' Medical Records (09/15/2016)
The World Anti-Doping Agency (WADA has confirmed that a Russian cyber espionage group called Tsar Team (i.e. APT28, Fancy Bear) illegally gained access to WADA's Anti-Doping Administration and Management System (ADAMS) database via an International Olympic Committee-created account for the Rio Games. The group accessed athlete data, including confidential medical data, such as Therapeutic Use Exemptions delivered by International Sports Federations and National Anti-Doping Organizations -- related to the Rio Games; and, subsequently released some of the data in the public domain, accompanied by the threat that they will release more. It is suspected that ADAMS was accessed by passwords that had been culled from spear phishing campaigns. The American athletes targeted included gymnast Simone Biles, tennis players Serena and Venus Williams, and basketball player Elena Delle Donne.
880,000 Users Affected by MoDaCo Data Breach (09/20/2016)
MoDaCo, a UK-based Android forum, confirmed that a data breach occurred after an unknown third-party dumped a database online. This admission came after users were notified, not by MoDaCo, but by the HaveIBeenPwned service. According to Troy Hunt, who runs that site, 880,000 people had their information swiped in a January data breach of MoDaCo. The data included email and IP addresses, usernames, and passwords stored as salted MD5 hashes.
ClixSense, an online company that pays individuals to view ads, has been hacked and the attacker gained access to a database server to swipe details including account names and user balances. The company issued a statement to tell users that it was able to restore user accounts, the forum, and some account names. ClixSense owner Jim Grago told Ars Technica that the stolen database contained information for 6.6 million accounts and once hacked, the ClixSense site was redirecting visitors to a gay porn site.
Data Breach Possibly Connected to Payment Processor BlueSnap (09/14/2016)
Security researcher Troy Hunt has reported that 324,000 records containing names, physical addresses, email addresses, CVV codes, and the last four digits for credit cards have been dumped onto Twitter. Hunt said that the breached info potentially came from BlueSnap, a payment processor, since coding in the file pointed at that company, but BlueSnap has denied this development.
Russian Attackers Hack and Release Olympians' Medical Records (09/15/2016)
The World Anti-Doping Agency (WADA has confirmed that a Russian cyber espionage group called Tsar Team (i.e. APT28, Fancy Bear) illegally gained access to WADA's Anti-Doping Administration and Management System (ADAMS) database via an International Olympic Committee-created account for the Rio Games. The group accessed athlete data, including confidential medical data, such as Therapeutic Use Exemptions delivered by International Sports Federations and National Anti-Doping Organizations -- related to the Rio Games; and, subsequently released some of the data in the public domain, accompanied by the threat that they will release more. It is suspected that ADAMS was accessed by passwords that had been culled from spear phishing campaigns. The American athletes targeted included gymnast Simone Biles, tennis players Serena and Venus Williams, and basketball player Elena Delle Donne.
880,000 Users Affected by MoDaCo Data Breach (09/20/2016)
MoDaCo, a UK-based Android forum, confirmed that a data breach occurred after an unknown third-party dumped a database online. This admission came after users were notified, not by MoDaCo, but by the HaveIBeenPwned service. According to Troy Hunt, who runs that site, 880,000 people had their information swiped in a January data breach of MoDaCo. The data included email and IP addresses, usernames, and passwords stored as salted MD5 hashes.