After the chaos at the end of 2020, when more than a thousand security incidents and 20 billion leaked records were reported, data breaches were surprisingly calm in January.
We have documented 82 instances and 878,168,975 exposed records so far this year. That’s not fantastic, especially considering that January is traditionally a slow month for most industries, but it’s an improvement.
Our complete list of incidents is provided below, with those that directly affected the United Kingdom highlighted for your convenience.
Cyber attacks
- Market Harborough school finds wiped hard drives on devices connected to network (unknown)
- Two-year data breach hits employees’ email at WTTW, WFMT (40)
- Personal data of ANWB customers may have been stolen after a cyber attack (unknown)
- Corporate secrets at risk in hack of U.S. courts documents (unknown)
- Tasmania Police called in after ambulance patient details published online (unknown)
- Communauto car-sharing service victim of a cyber attack (unknown)
- Parler is gone, but hackers say they downloaded everything first (unknown)
- Jefferson Healthcare hit by ‘phishing’ cyber attack (2,550)
- Networking giant Ubiquiti alerts customers of potential data breach (unknown)
- Pennsylvania-based Clearfield Co. hit by cyber attack (unknown)
- Eneco warns customers after suffering security incident (1,700)
- Unauthorized access of Stormont Vail’s internal vaccine scheduling site (unknown)
- Email security firm Mimecast says hackers hijacked its products to spy on customers (unknown)
- National Board for Certified Counselors discloses malware attack (unknown)
- Puget Sound Educational Service District reports cyber attack (unknown)
- Ultrapar, attacked on Monday, operates under a contingency regime (unknown)
- Hackers target Hospital of Aftercare in Horažďovice (unknown)
- Irish schools on security alert as gardaí probe online class breach (unknown)
- Gainwell Technologies says medical data was accessed by unauthorised party (unknown)
- Hendrick computer network breach compromised some patients’ information (unknown)
- OpenWRT reports data breach after hacker gained access to forum admin account (unknown)
- Hackers attack major Bangladeshi conglomerate Beximco (unknown)
- Okanogan Co. government hit with cyber attack (unknown)
- Diponegoro University responds to security incident (125,000)
- A Chinese hacking group is stealing airline passenger details (unknown)
- Einstein Healthcare network notifies patients of 2020 email hack (unknown)
- Colliers International Group gets slammed by cyber attack (unknown)
- Security firm Malwarebytes infected by same hackers who hit SolarWinds (unknown)
- SonicWall says it was hacked using zero-days in its own products (unknown)
- Services of the Vienne department affected after cyber attack (unknown)
- Hacker leaks data of MeetMindful.com users (2.28 million)
- Australia’s securities regulator says server hit by cyber security breach (unknown)
- Palfinger Group crippled by massive attack (unknown)
- Dutch COVID-19 patient data sold on the criminal underground (unknown)
- Georgetown County computer network down after cyber attack (unknown)
- Florida Healthy Kids website breached; vendor blamed for not patching (unknown)
- USCellular breached after hackers access CRM software (unknown)
- Canada-based Premier Tech victim of a cyber attack (unknown)
Ransomware
- Wentworth golf club hit by ransomware (unknown)
- Trafford bin collection firm suffers major cyber attack with contracts, passports, financial details leaked(unknown)
- UK Research and Innovation issues statement about ransomware attack (unknown)
- British Mensa website hacked after it failed to secure passwords (18,000)
- Ransomware attack cripples NYC DOE’s teacher disciplinary system (unknown)
- Belgian consultancy Finalyse emerges unscathed from ransomware attack (unknown)
- Ben-Gurion University targeted by cyber attack (unknown)
- Delaware County officials paid $25,000 in ransom to hackers who infiltrated the county’s computer system (unknown)
- Ransomware attack hits short line rail operator OmniTRAX (unknown)
- Ransom demanded after AKVA group victim of ransomware attack (unknown)
- SEPA systems knocked offline by ‘ongoing’ ransomware attack (unknown)
- CHwapi hospital hit by ransomware; operations cancelled (unknown)
- Vehicle rental firm Ucar reveals cyber attack earlier this year (unknown)
- Nygard hit with ransomware that permanently compromised their IT system (unknown)
- Montmagne battling ransomware infection (unknown)
- WestRock reports ransomware incident (unknown)
- Tennessee Wesleyan University systems recovering after ransomware attack (unknown)
- Thai media and content conglomerate Mono Next Public Company hit by hackers (unknown)
- Brazil’s Municipality of Balneário Camboriú hit by ransomware (unknown)
- Crisp Regional Health Services falls victim to ransomware attack (unknown)
- Ransomware attack on Netgain Technology compromised info of home visit clients (8,700)
- Cyber security incident at Peel District School Board causes system outage (unknown)
Data breaches
- UK government loses arrest records during routine clearing of databases (150,000)
- Indian government sites leaking patient COVID-19 test results (unknown)
- Anti-secrecy activists publish a trove of ransomware victims’ data (750,000)
- Names of students who use University of Ottawa Students’ Union Food Bank made public (111)
- United Nations data breach exposed over staff records (100,000)
- Chinese start-up Socialarks leaked scraped data, exposing Facebook, Instagram and LinkedIn users (214 million)
- Australian police release firearm owner details in email bcc gaffe (500)
- Saskatchewan privacy commissioner investigates potential breach of hunting licensing system (33,000)
- Colorado’s Pitkin County COVID-19 case investigations inadvertently exposed online (unknown)
- Amazon’s Ring Neighbors app exposed users’ precise locations and home addresses (unknown)
- Ronald McDonald House notifying almost guests of Blackbaud breach (17,373)
- Now-defunct social media app Fleek exposes users in massive data breach (377,000)
- Giant leak exposes data from almost all Brazilians (660 million)
- Leaks of personal information from epidemiological survey cast shadow over anti-epidemic work (unknown)
- Cook County, IL, exposes court database containing domestic violence case details (323,000)
Malicious insiders and miscellaneous incidents
- Essex Police officer to appear at court charged with computer misuse offences (unknown)
- Trinidad and Tobago-based West Shore launches probe after technician’s post on PM’s health (1)
- Ex-SoftBank engineer held for 5G trade secret theft (unknown)
- Tesla claims engineer stole secrets just days into the job (unknown)