Data Breaches, Ransomware and Cyberattack Incident List

MSSP Alert is compiling this list of data breaches, cyberattack incidents and major vulnerabilities impacting customers. Check this page regularly for list updates.

Connecticut Higher Education Trust (CHET) financial breach (June 2018): Connecticut State Treasurer Denise Nappier says 44 unauthorized withdrawals totaling $1.4 million were made. Authorities say 21 account holders had online access to their accounts established by unauthorized users. Officials say of this amount, more than $440,000 was recovered or stopped. Source: WTNH

Exactis Data Leak (June 2018): Exactis, a data broker based in Palm Coast, Florida, exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses, according to Wired.

Google Cloud Platform – People Data Labs (November 2019): Technically, this was not a Google Cloud Platform (GCP) data breach. Instead, it’s a data leak involving a user that gathered and exposed more than 1.2 billion records, Wired reports.

FastBooking Data Breach (June 2018): FastBooking, a Paris-based company that sells hotel booking software to more than 4,000 hotels in 100 countries, suffered a June 14 data breach. A hacker installed malware on the company’s network. The incident affected 380 hotels in Japan, and perhaps more than 1,000 hotels worldwide, BleepingComputer reports.

T-Mobile Customer Data Breach (November 2019): More than one million T-Mobile prepaid customers had their account details and other personal information exposed by an unauthorized breach, according to TechCrunch’s estimate. The company announced the breach in a letter to customers, Gizmodo reports.

Ticketmaster UK Partner Breach (June 2018): Ticketmaster UK has identified malicious software on a customer support product hosted by an external supplier, and some of its customers’ personal or payment data may have been accessed by an unknown third-party, Reuters reports. Less than 5 percent of Ticketmaster’s global customer base has been affected by the incident, while North American customers have not been affected, the report added.

Want to report an incident? Email MSSP Alert Content Czar Joe Panettieri ([email protected]).