By Dissent Doe and Lee Johnstone On July 27, an independent researcher known as “Flash Gordon” (@s7sins on Twitter) contacted DataBreaches.net and Lee Johnstone to report that during a routine keyword search on Google, he had found numerous credit reports from Indian consumers exposed. Identifying the owner of the database was not easy in this…
Category: Breach Incidents
Forum post claims breach of 850k users’ information; leak from recruitmilitary.com?
Lee Johnstone reports on a leak involving a non-profit organization that tries to match employers with job seekers who are veterans: Today a user has posted a new thread to a known forum that makes claim of an breach of over 850,000 US military officers personal information. The user who goes by the name booloop…
Jersey Mike’s Warns Customers To Reset Passwords
Abeerah Hashim reports: Jersey Mike’s Subs’ recent emails to its customers have made them suspicious of a cyber attack. The firm has warned its customers to ensure their accounts’ security and has asked them to change passwords. However, they advise that Jersey Mikes has not been a source of any data breach insinuating that some…
Aerospace corp Elbit Systems Breached, 10,000 accounts leaked
Israel is no stranger to cyber incidents and today a user on twitter has posted over 10,000 accounts from a aerospace and defense corporation Elbit Systems. The leak was announced by @Th3Falcon earlier today and was posted to privatebin.net with over 10,000 credentials for users and administors from elbit systems. Data in the leak contains…
Three members of notorious “FIN7” criminal ring in custody for attacking more than 100 companies
The Department of Justice announced a stunning arrest today of key players in one of the most damaging threat actors in the last decade. Kudos to all involved in their arrests. You can read the DOJ’s full press release below, but let’s start with a quote from a FIN7 hunter: “FIN7 is the most prolific and…
Reddit discloses a breach
From their announcement by KeyserSosa today: TL;DR: A hacker broke into a few of Reddit’s systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords. Since then we’ve been conducting a painstaking investigation to figure out just what was accessed, and…