BlackBox Connections


Unit 203
70 Country Hills Landing
NW Calgary, AB T3K 2L2

Office Hours

Mon – Fri
8:00 – 5:00
Support 24hrs

Call us Today

587 355 1566

Call us Today

587 355 1566

Latest Data Breach List

Feb 22, 2018

Data Breach!  We hear it more and more….and is up by 40%!


Do you know if you have given your personal information to any of the companies listed below? What about any of your employees?  Being aware of the latest data breach is of the utmost importance!

Everyday we are being asked for our email address or other personal information and it can be difficult to know for sure where your information is going and if it is still safe!

Below is a list of the latest data breaches we have had in the past year:


Yahoo! (Update)

Back in December of 2016, there was word that more than 1 Billion users were impacted by the 2013 Yahoo data breach, but unfortunately that number was way off.  It was more like 3 Billion accounts were indeed stolen.  Four months after Verizon acquired Yahoo’s core internet assets, it revealed that every single customer account had been breached including email, Tumblr, Fantasy and Flickr.



Google put a stop to this one in about an hour, but even during that time, they estimated that 1 million users may have been affected.  Gmail users were targeted in a sophisticated phishing scam that were trying to get access to accounts through a 3rd party app.



Hackers recently targeted both customers and users with a malware phishing attack.  Only one of the systems were breached, but they were still able to obtain email addresses.  This led to a malicious email campaign that prompted recipients to click and download a Microsoft Word document that contained malware.   If you have received a suspicious DocuSign Email, forward it to  Remember to ONLY access documents directly through the DocuSign website and not by clicking email links.



Known as the largest maker of point-of-sale credit card terminals, this company discovered a data breach of its internal network back in January 2017.  The breach did not affect the payment services network, but did affect the corporate network.  The data breach was immediately handled but sources say there is evidence that a Russian hacking group is responsible.  The hackers may have been inside Varifone’s network since the mid 2016, but this has yet to be confirmed.



A data breach attack that started at 2 am PST on May 31, was shut down by 9 am, OneLogin reports.  OneLogin allows users to manage logins to multiple sites and apps through a cloud-based platform.  While this company provides services for about 2,000 companies in 44 countries, over 300 app vendors and more than 70 software-as-a-service providers, they are not too sure of the full extent of this data breach.  They do know, that customer data was compromised, including the ability to decrypt encrypted data and the investigation is ongoing.


River City Media

Thanks to Chris Vickery, a security researcher for MacKeeper, a leak called “Spammergate” was found and reported to the authorities right away.  A group of spammers that operate under the name of River City Media, unknowingly released their private data into cyberspace after they failed to properly configure their backups.  The “bad guys” leaded information including:  HipChat logs, domain registration records, accounting details, infrastructure planning, production notes, scripts, business affiliations….not to mention 1.4 billion email accounts, IP addresses, full names and some physical addresses.

Law enforcement is involved, but it is unclear as to what will happen with River City Media.


Deep Root Analytics

Chris Vickery, a cyber risk analyst, who has discovered other well known data breaches…including ones in this article, has discovered that the sensitive information collected by Deep Root Analytics, has exposed important personal information of U.S. voters.  The Republican National Committee had hired Deep Root Analytics to gather political information last year, which has now affected roughly 198 million American citizens.  Their personal information was stored on an Amazon cloud server without a password protection for almost two weeks.  Compromised informatino included names, dates of birth, home addresses, phone numbers, and voter registration details.  Since that time, they have updated the access settings and have put protocols in place to prevent further issues.


Online Spambot

Just like the River City Media breach we mentioned just above, where the “bad guys” had information stolen….well it happened again to an online spambot.  The data breach this time however is larger.  This one involves 711 million records, including email addresses and some passwords, with the goal of sending spam emails.  They had forgotten to secure the server the data was kept on.  It is currently unknown as to how many other people have found this database and are using it for their own negative purposes.



This was another discovery by Chris Vickery, of UpGuard.  We have mentioned him in this post a few times as being the founder of some horrible data breaches!  If you have contacted Verizon’s customer service in the past 6 months, you may have been one of the 14 million subscribers that were affected by this data breach.  Apparently records taken were held on a server controlled by Israel based Nice Systems.  Although Chris reported this data breach to Verizon in late-June, it took more than a week to secure this breached data.  The data that had been obtained were log files that had been generated once a customer contacted Verizon via phone.


SVR Tracking

More than half a million customer records were leaked during this data breach.  SVR Tracking, a company out of San-Diego, provides a service for auto dealerships and lot owners to be able to locate and recover vehicles.  On September 20, Kromtech Security Center informed SVR Tracking of its findings in regards to 540,642 records that were unsecured in an Amazon S3 bucket.  The bucket was secured within 3 hours, but they are unsure as to how long the information was publicly available online.  The sensitive information that was leaked included:  email addresses, passwords, licence plate numbers, VINs, as well as the ability to see every single place a vehicle has been in the last 120 days.



Once named the “best cybersecurity consultant in the world” by Gartner, has been a target of the latest data breach.  This multinational professional services firm, failed to employ a two-factor authentication, and when hackers acquired a single password from an administrator of the firm’s email account, they were then able to access all areas of the email system.  Deloitte insists that only a small fraction of its clients were affected, but this was indeed an embarrassing situation for the company.


Saks Fifth Avenue

The Canadian company Hudson Bay, who owns Saks Fifth Avenue had their own data breach in which tens of thousands of customers information was visible on a page through their website.  The page was where customers could join a wait list for products they may be interested in, but it was possible to see email addresses, phone numbers, products codes and IP addresses.  BuzzFeed was the company that broke the news and once Saks Fifth Avenue were informed, they removed the page immediately.  They are still unclear as to how this happened, who did it or which customers may have been effected.



As one of the three largest credit agencies in the U.S., it was alarming to hear of this data breach.  It has been called one of the worst in history, with it affecting 143 million consumers and their extremely sensitive information.  From Mid May to July of this year, hackers had access to the company’s system, by exploiting a weak point in the website software.   Information leaked included: Full names, addresses, dates of birth, Social Security numbers, driver’s license numbers, credit card numbers and other personal information.


E-Sports Entertainment Association (ESEA)

Roughly 1,503,707 records were stolen from one of the largest video gaming communities in December 2016.  Unfortunately, how many people were affected is still unclear.  Some of the information they believe was leaked included:  registration date, city, state, last login, username, first and last name, bcrypt hash, email address, date of birth, zip code, phone number, website URL, Steam ID, Xbox ID, and PSN ID.


Xbox 360 ISO and PSP ISO

Back in September 2015, it was revealed that Xbox 360 ISO and PSP ISO had been hacked.  The sensitive user information was taken from roughly 1.2 million Xbox 360 ISO users and 1.3 million PSP ISO users.  The information that may have been taken was:  e-mail addresses, IP addresses, username and passwords.



Between October 25, 2016 and January 19, 2017, malware was placed on a payment system inside certain Arby’s restaurants.  The malware was removed the but scope of the breach is not yet known.



Between March 24, 2017 and April 18, 2017, payment card transactions were affected.  The company did post a notification on their website to inform their customers, but as of yet they are unsure as to who and what may have been taken.  They believe they have stopped the unauthorized activity, but it is too early to give any more information.


InterContinental Hotels Group (IHG)

If you have ever stayed at any of these popular chains like Crown Plaza, Holiday Inn, Candlewood Suites, and Kimpton Hotel, you may have had your card information stolen.  Malware was found on servers which process payments made at on-site restaurants and bars.  Any cards used at the front desks however, were fine.  From August 2016 – December 2016 is when the malware was active.  It would have stolen cardholder names, card numbers, expiration dates, and internal verification codes.  Some of the targeted locations include:  Sevens Bar & Grill – Crowne Plaza, San Jose-Silicone Valley, the Bristol Bar & grille – Holiday Inn, San Francisco’s Fisherman’s Warf, InterContinental San Fransico, Aruba’s Holiday Inn Resort, and InterContintental Los Angeles Century City.


Dun & Bradstreet

33 Million corporate contacts from Dun & Bradstreet, a large business services company, had its marketing database shared across the web, back in March of this year.  According to the company, they were not breached but had actually sold the 52GB contact database to thousands of companies across the country.  Which of those businesses that may have suffered this data breach is still unclear.  Millions of employees from organizations like the U.S Department of Defense, the U.S. Postal Service, AT&T, Wal-Mart and CVS Health had their information leaked.  Information such as full names, work email addresses, phone numbers and other business related data was taken.


UNC Health Care

Between 2014 and 2017, women who had completed pregnancy home risk screening forms at prenatal appointments in either the Women’s Clinic at N.C. Women’s Hospital or the UNC Maternal-Fetal Medicine at Rex, may have mistakenly had their personal information shared to local county health departments.  1,300 letters were sent to patients who may have been affected by this data breach.  Information that was shared included full names, addresses, races, ethnicities, Social Security numbers, and a variety of health-related information.


Bronx Lebanon Hospital Center

Due to a misconfigured Rsync backup, hosted by a third party iHealth, thousands of medical records were exposed from the Bronx Lebanon Hospital Center in New York.  Patients that visited the hospital between 2014 and 2017 may have had extremely personal information leaked.   This data breach had included details such as names, home addresses, religious affiliations, addiction histories, mental health and medical diagnoses, HIV statuses, and sexual assault and domestic violence reports.   Immediate steps were taken from iHealth to protect the exposed information.


Brooks Brothers

Exact locations of this data breach are not yet known, but if you shopped at a Brooks Brothers retail stores or outlets between April 4, 2016 and March 1, 2017, you may have had your credit card information stolen.  Apparently an unauthorized individual installed malicious software onto some of the payment systems, which collected the card information.  The issue has been resolved but no other details have been given.



The parent company for Kmart, Sears Holdings, has reported another data breach similar to the one they had back in 2014.  Kmart’s store payment systems were infected with malware. and Sears shoppers were not impacted by the breach and it has been removed, but they are still unsure as to how long the system was under attack and how many stores would have been affected.  Certain credit card numbers may been leaked but no personal information was compromised.


University of Oklahoma

Education records dating back to at least 2002, were unintentionally exposed through privacy setting at the University of Oklahoma.  The student-run newspaper, The Oklahoma Daily was the first to reveal this data breach.  The newspaper reported that there were more than 29,000 instances in which students’ private information was made public to users within the University’s email system.  Information such as Social Security numbers, financial aid information and grades were compromised.  Until further notice the University has shut down the file sharing program.


Blue Cross Blue Shield / Anthem

80 million customers were affected by this 2015 data breach from Health Insurance company, Anthem.  While the settlement still needs to be approved by the courts, they have agreed upon $115 million.  Customers using Anthem Blue Cross & Blue Shield, Blue Cross & Blue Shield of Georgia, Empire Blue Cross & Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and deCare brands may have been affected.  The company had agreed to provide the impacted customers with 2 years of credit monitoring services, but have now extended that offer to an additional 2 years, as part of this settlement.


California Association of Realtors

A data breach was reported between March 13, 2017 and May 15, 2017, in which a malware was active on the organization’s online payment system called  Real Estate Business Services (REBS), a subsidiary of the California Association of Realtors has been dealing with this latest data breach and has removed the malware, as well as started using PayPal for their payments.  Payments made from a user on the website, personal information may have been copied by the malware and shared to an unknown 3rd party.  The sensitive information transmitted, would have been:  user’s name, address, credit card number, credit card expiration date and verification codes.


TalentPen and TigerSwan

Personal information for Job seekers with Top Secret clearance were publicly available and unsecured for just over 6 months according to UpGuard a cybersecurity firm.  Roughly 9,000 documents were affected during this data breach.  The documents were found in a folder labelled “resumes”.  TigerSwan, had ended a contract with TalentPen, a 3rd party vendor, who had failed to take down the files after they had been transferred to TigerSwan back in February.  The files were left in a bucket site on Amazon Web Services by TalentPen, without a password or any type of security until August 24, 2017.  Once Amazon had been contacted, the files were taken down.


U.S. Securities and Exchange Commission (SEC)

In 2016, Jay Clayton, Chairman of the SEC, issued a statement in regards to cybersecurity.  A software vulnerability in the test filing component of the SEC’s EDGAR system was discovered, but was fixed promptly.  In August of this year however, the SEC learned that the data breach may have provided the basis for illicit gain through the trading.  This vulnerability allowed access to nonpublic information, but they do not believe that there was access to personally identifiable information.



Sonic,the fast food chain with almost 3,600 stores in 45 states, were informed of their data breach in which unusual activity was noticed on customer payment cards.  It is not immediately known which locations were affected.  The company is working with law enforcement and investigators to determine more.  KrebsOnSecurity was first to report this data breach after discovering a “fire sale” of millions of stolen credit and debit cards on the Dark Web.


Whole Foods Market

Recently acquired by Amazon, Whole Foods Market made an announcement about a recent data breach of its payment system.  They do not believe that individuals who shopped at the store were affected, but those who used the taprooms or full table-service restaurants may have. The investigation is still ongoing and updates will be provided.  The company also mentioned that Amazon’s payment systems were not connected to Whole Foods Market, so no Amazon transactions were impacted.



Back in 2012, was when Disqus, a blog comment hosting service had their own issue with a data breach.  Unfortunately, the company had no idea they were a victim of this until the website, Have I been Pwned? reached out to them about exposed user information they had found.  After verifying the authenticity of the data, it was found that is was information taken from their 2012 user database, which had information dating back to 2007.  The information taken included:  user email addresses, user names, sign-up dates, and last-login dates.  Evidence of unauthorized logins has not been shown, but they have reset the passwords of all affected users.


by BlackBox Connections

Topic: Latest Data Breach List