Search results for leaked database | Breaking Cybersecurity News | The Hacker News

A massive database of terrorists and "heightened-risk individuals and entities" containing more than 2.2 Million records has reportedly leaked online. Researcher Chris Vickery claimed on Reddit that he had managed to obtain a copy of 2014 version of the World-Check confidential database, which is being used by banks, governments, and intelligence agencies worldwide to scope out risks including suspected terrorists. The leaked database contains more than 2.2 Million records of people with suspected terrorist, organized crime, money laundering, bribery, corruption links, and "other unsavory activities." According to Thomson Reuters, who run World-Check, its service is used by 4,500 institutions, including 49 of the world's 50 largest banks, more than 300 government and intelligence agencies, and law firms. Although the access to the World-Check database is supposed to be strongly restricted under European privacy laws, Reuters says an unnamed third-p...

Personal details of nearly 50 Million Turkish citizens, including the country's President Recep Tayyip Erdogan, have been compromised and posted online in a massive security breach. A database, which contains 49,611,709 records , appeared on the website of an Icelandic group on Monday, offering download links to anyone interested. If confirmed, the data breach would be one of the biggest public breaches of its kind, effectively putting two-thirds of the Nation's population at risk of identity theft and fraud. However, The Associated Press (AP) reported on Monday that it was able to partially verify the authenticity of 8 out of 10 non-public Turkish ID numbers against the names in the data leak. 50 Million Turkish Citizens' Personal Data leaked Online The leaked database (about 6.6 GB file) contains the following information: First and last names National identifier numbers (TC Kimlik No) Gender City of birth Date of birth Full address ID...

Exclusive — If you have an account on Taringa , also known as "The Latin American Reddit," your account details may have compromised in a massive data breach that leaked login details of almost all of its over 28 million users. Taringa is a popluar social network geared toward Latin American users, who create and share thousands of posts every day on general interest topics like life hacks, tutorials, recipes, reviews, and art. The Hacker News has been informed by LeakBase , a breach notification service, who has obtained a copy of the hacked database containing details on 28,722,877 accounts, which includes usernames, email addresses and hashed passwords for Taringa users. The hashed passwords use an ageing algorithm called MD5 – which has been considered outdated even before 2012 – that can easily be cracked, making Taringa users open to hackers. Wanna know how weak is MD5?, LeakBase team has already cracked 93.79 percent (nearly 27 Million) of hashed passwords s...

Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an American server hosting company. In total, the database contained 202,730,434 records about job candidates from China, including candidates' personal information such as their full name, date of birth, phone number, email address, marriage status, and driver’s license information, along with their professional experience and job expectations. Bob Diachenko, director of cyber risk research at Hacken.io and bug bounty platform HackenProof, discovered the existence of database two weeks ago, which had been secured shortly after his notification on Twitter. However, it is worth noting that ...

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report shared with The Hacker News, Bob Diachenko  disclosed that two days ago he found a 4.1 GB-sized highly sensitive database online, named " GNCTD ," containing information collected on 458,388 individuals located in Delhi, including their  Aadhaar numbers and voter ID numbers. Though it's not clear if the exposed database is linked to the Government of National Capital Territory of Delhi (GNCTD), Diachenko found that the database contains references and email addresses with "transerve.com" domain for users registered with "senior supervisor," and "super admin" designations. Based upon the information available on  Transerve Technologies  webs...

A California-based Voice-Over-IP (VoIP) services provider VOIPO has accidentally left tens of gigabytes of its customer data, containing millions of call logs, SMS/MMS messages, and plaintext internal system credentials, publicly accessible to anyone without authentication. VOIPo is one of a leading providers of Voice-Over-IP (VoIP) services in the United States offering reseller VoIP, Cloud VoIP, and VoIP services to residentials and small businesses. Justin Paine , the head of Trust & Safety at CloudFlare, discovered an open ElasticSearch database last week using the Shodan search engine and notified the VOIPO's CTO, who then promptly secured the database that contains at least 4 years of data on its customers. According to Paine, the database contained 6.7 million call logs dating back to July 2017, 6 million SMS/MMS logs dating back to December 2015, and 1 million logs containing API key for internal systems. While the call logs included timestamp and duration o...

Stevens Institute of Technology database leaked by p0keu for #Antisec Stevens Institute of Technology database leaked by Anonymous - p0keu for #Antisec on pastebin , the leaks are a MySQL database and a cms database, usernames/passwords, this leak comes from the same source as the 4 random leaks and bpm leak and once again been leaked onto twitter. Stevens Was Founded in 1870, Stevens is a premier private coeducational institution focused on research and entrepreneurship.Seems that not even education can be educated to secure them selfs. Come on, if you haven’t already been leaked, check your security and make sure your clients details are safe. Recent Hackers for Antisec : 1.) Anonymous Hacks FBI Contractors IRC Federal 2.)  German Federal Police servers Hacked by NN-Crew 3.)  Hellenic Parliament ( Greek ) Websites hacked, Database Leaked

International Organization For Migration database  hacked by Inj3ct0r Team for GREEN LIBYA  Inj3ct0r Team Hackers hack the database of International Organization For Migration database ( http://www.iom.int/ ) . Statement by Hacker " Sorry about the usernames and passwords not giving because we take no responsibility of defacing their database and official website.. But we want to deliver them the message that they're still publishing lies and trying to give a bad image about what's going in libya. Rooted and exposed for the pride of GREEN LIBYA and Supporting the green libyan nation ." Data leaked By Hackers Database : MySQL (MM MySQL JDBC) Database driver : com.mysql.jdbc.Driver Database URL : jdbc:mysql://localhost/jahia?useUnicode=true&characterEncoding=UTF-8 2) Database : Orcale 9.x - 10.x Database driver : oracle.jdbc.driver.OracleDriver Database URL : jdbc:oracle:thin:@localhost:1521:jahia 3) Database : ...

In the digital age, one of the most popular sayings is—if you're not paying, then you're not the customer, you're the product. While downloading apps on their smartphones, most users may not realize how much data they collect on you. Believe me; it’s way more than you can imagine. Nowadays, many app developers are following irresponsible practices that are worth understanding, and we don't have a better example than this newly-reported incident about a virtual keyboard app. A team of security researchers at the Kromtech Security Center has discovered a massive trove of personal data belonging to more than 31 million users of the popular virtual keyboard app, AI.type, accidentally leaked online for anyone to download without requiring any password. Founded in 2010, Ai.type is a customizable and personalizable on-screen keyboard for mobile phones and tablets, with more than 40 million users worldwide. Apparently, a misconfigured MongoDB database, owned by ...

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack surface that many organizations are failing to address. According to GitGuardian's analysis of exposed secrets across public GitHub repositories, an alarming percentage of credentials detected as far back as 2022 remain valid today: "Detecting a leaked secret is just the first step," says GitGuardian's research team. "The true challenge lies in swift remediation." Why Exposed Secrets Remain Valid This persistent validity suggests two troubling possibilities: either organizations are unaware their credentials have been exposed (a security visibility problem),...

How many more data dumps does this hacker have with him that has yet to be exposed? Well, no one knows the answer, but we were recently made aware of another data breach from Peace – the same Russian hacker who was behind the massive breaches in some of the most popular social media sites including LinkedIn , MySpace , Tumblr , and VK.com . The hacker under the nickname "Peace" (or Peace_of_mind) is now selling over 51 Million records obtained from iMesh – now defunct peer-to-peer file sharing service. The New York-based iMesh was one of the first and most popular file sharing services that allowed users to share multimedia files with their friends via the peer-to-peer (or P2P) protocol. Launched in the late 90s, iMesh became the third-largest service in the United States in 2009, but the service was unexpectedly closed down last month. LeakedSource, a search engine site that indexes leaked login credentials from data breaches, noted in a blog post that the comp...

Lebanese Yellow Pages database Compromised Lebanese Yellow Pages website (http://www.yellowpages.com.lb/) database compromised by Hacking Group known as Mad HackerZ Team. Hackers manage to hack database of site and leaked it on internet.  Leaked database include the usernames, Password hashes and Email Id's of Admin and Few accounts as shown. All this data posted on a pastebin note :  http://pastebin.com/dvBzWCF6 Most probability hackers uses Sql Injection Exploit to get the database . According to Softpedia report, They also gained unauthorized access to other domains which they defaced to host their protest messages. The defaced sites include the ones of a political figure called Rafic Al Hariri, an online store named Dunes, Frontpage-lb, a computer company, and the site of a football team.

In recent months, a cybercriminal gang known as LAPSUS$ has claimed responsibility for a number of high-profile attacks against technology companies, including: T-Mobile (April 23, 2022) Globant  Okta Ubisoft Samsung Nvidia Microsoft Vodafone In addition to these attacks, LAPSUS$ was also able to successfully launch a ransomware attack against the Brazilian Ministry of Health. While high-profile cyber-attacks are certainly nothing new, there are several things that make LAPSUS$ unique. The alleged mastermind of these attacks and several other alleged accomplices were all teenagers. Unlike more traditional ransomware gangs, LAPSUS$ has a very strong social media presence. The gang is best known for data exfiltration. It has stolen source code and other proprietary information and has often leaked this information on the Internet. LAPSUS$ stolen credentials  In the case of Nvidia, for example, the  attackers gained access to hundreds of gigabytes of prop...

Dark Web is right now going through a very rough time. Just two days ago, a hacker group affiliated with Anonymous broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites with an alarming announcement to its visitors, which said: " Hello, Freedom Hosting II, you have been hacked. " Freedom Hosting II is the single largest host of underground websites accessible only through Tor anonymising browser that hosts somewhere between 15 and 20 percent of all sites on the Dark Web, anonymity and privacy researcher Sarah Jamie Lewis estimated . Besides defacing all Dark Web sites hosted on Freedom Hosting II with the same message and stealing its database, the hackers also demanded a ransom for 0.1 Bitcoin (just over $100) to return the compromised data to the hosting service. Now, it has been reported that the stolen database from Freedom Hosting II has publicly been released online to a site hosted on the Tor network, wh...

Gaana.com -- One of India's most popular music streaming service with more than 10 Million registered users and 7.5 Million monthly visitors -- has reportedly been hacked, exposing the site’s user information database. A Pakistani hacker, who claimed responsibility for the hack, claims that details of over 10 Million users of Gaana service including their username, email addresses, MD5-encrypted password, date of births, and other personal information has been stolen and made available in a searchable database. At the time of writing, Gaana website is currently down for maintenance without any official statement provided yet. As of now, the site displays, "Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then." Details of 10 Million Users Available in a Searchable Database: The hacker, nicknamed Mak Man , posted the link to a searchable database of Gaana user details on his Facebook page, with images of t...

A database of 1.4 billion email addresses combined with real names, IP addresses, and often physical address has been exposed in what appears to be one the largest data breach of this year. What's worrisome? There are high chances that you, or at least someone you know, is affected by this latest data breach. Security researcher Chris Vickery of MacKeeper and Steve Ragan of CSOOnline discovered an unsecured and publicly exposed repository of network-available backup files linked to a notorious spamming organization called River City Media (RCM), led by notorious spammers Matt Ferrisi and Alvin Slocombe. Spammer’s Entire Operation Exposed The database contains sensitive information about the company's operations, including nearly 1.4 Billion user records, which was left completely exposed to anyone – even without any username or password. According to MacKeeper security researcher Vickery, RCM, which claims to be a legitimate marketing firm, is responsible for s...

BPM Database leaked by p0keu for #AntiSec One more Hacker with name "p0keu" leak the database of BPM http://visitbpm.co.uk for Antisec. BPM is the world’s largest event dedicated to DJing, electronic music production and club culture has had its whole database leaked via twitter. The database is leaked via a pastebin link :  http://pastebin.com/qF9nXmgH  .

A team of Hackers called, " r00tBeer Security Team " today hack into official blog of Advanced Micro Devices (AMD) which is a American multinational semiconductor company. AMD is the second-largest global supplier of microprocessors based on the x86 architecture and also one of the largest suppliers of graphics processing units. Hacker deface the blog page ( http://blogs.amd.com/wp-content/r00tbeer.html ) and also leak the complete user database of blog on his twitter account. Leaked database SQL file uploaded on Mediafire by Hackers which include 200 AMD user's Emails, Wordpress Blog Usernames and Passwords. During the time of writing, I think AMD is not aware about that they are the Victim of a Hack attack. We are tweeting to the AMD team for informing them. Screenshot of Hack as shown below: Now only AMD, these hackers also hack another High Profile website called " TBN - The Botting Network ", A Popular forum to learn How to make Money with 96000 member...

An election campaigning website operated by Likud―the ruling political party of Israeli Prime Minister Benjamin Netanyahu―inadvertently exposed personal information of all 6.5 million eligible Israeli voters on the Internet, just three weeks before the country is going to have a legislative election. In Israel, all political parties receive personal details of voters before the election, which they can't share with any third party and are responsible for protecting the privacy of their citizens and erasing it after the elections are over. Reportedly, Likud shared the entire voter registry with Feed-b, a software development company, who then uploaded it a website (elector.co.il) designed to promote the voting management app called 'Elector.' According to Ran Bar-Zik , a web security researcher who disclosed the issue, the voters' data was not leaked using any security vulnerability in the Elector app; instead, the incident occurred due to negligence by the softw...