List of data breaches and cyber attacks in April 2017

With more and more organisations wanting to learn about the EU General Data Protection Regulation, it’s been difficult for me to find the time to keep up to date with the month’s breaches and hacks. When I started compiling April’s list, I hoped that there weren’t many breaches this month, but unfortunately I was wrong.

However, while this month’s list is long, there doesn’t seem to be as many records leaked as in previous months. I’m still searching deeper to find the total number of records affected, but at the moment we’re looking at fewer than 10 million.

If you’re aware of any breaches or cyber attacks that don’t appear on this list, please leave a comment and I’ll get it added.

Cyber attack and ransomware

Newark City Hall computers hacked with ransomware

Atlantic Digestive Specialists notify patients of ransomware incident

Phishing scam diverts more than $40,000 from Denver Public Schools

IAAF says medical records compromised by Fancy Bear hacking group

Lessons to learn as McAfee’s LinkedIn page is hijacked

Hackers set off Dallas emergency sirens more than a dozen times in a few hours

ECMC officials remain mute on cause of computer shutdown

Data breach

RingGo parking app exposes users’ personal information

McDonald’s Canada breached, 95,000 job seekers’ information compromised

Concordia’s online course systems, eConcordia and KnowledgeOne, have been hacked.

Unencrypted patient info from 2008 left in a van, and…… yeah.

Iowa Veterans Home warns nearly 3,000 of data breach after phishing incident

Privacy Incident at Lifespan

Patient privacy breach: over 1600 medical letters found dumped in Sydney bin

PAUSD student data exposed in breach

Millions of game accounts exposed in data breach, responsibility thrown to the wind

30,000 London gun owners hit by Met Police ‘data breach’

Voters’ personal data at risk in Cobb theft

Privacy commissioner calls for investigation after photo card privacy breach

Amedisys announces patient info breach

Privacy breach at Yakima’s Virginia Mason Memorial hospital affects 419 patients

Upmarket Sydney hotel targeted by cybercriminals

Third Personal Data Breach Hits UHIP Customers

Thousands of examiners’ personal details stolen in AQA cyber-attack

Student privacy breached in Victoria Education Department blunder

Tullamore Hospital patient’s information sent to wrong person after data blunder

Wonga data breach: Personal details of 245,000 UK customers and 25,000 Polish customers may have been stolen in cyber attack

Leak of diabetic patients’ data highlights risks of giving info to telemarketers

Privacy, what? Bengaluru police leaks 46,000 phone numbers on Twitter

Scottrade Bank data breach exposes 20,000 customer records

Data leak exposes details of 450,000 lottery subscribers

Foodie social network Allrecipes warns that someone stole users’ email addresses and passwords

Financial information

Chipotle warns of data security breach, recommends monitoring card statements

Blowout Cards Notifies Customers After Card Fraud Reports Roll In

Cleveland Metropolitan School District discloses phishing-related incident

Debit card breach reported by car washes. 

U of L: Tax information of some employees hacked Investigating Possible Breach

Breach of Financial-Aid Tool May Have Compromised Data on 100,000 Taxpayers

1,200 InterContinental hotels hit by malware attack


Ashley Madison blackmailers threaten to create Cheater’s Gallery exposing members who don’t pay up

Teen Hackers Stole $300,000 From a Travel Site and Used It to Buy a Ducati

Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear

Got one of these 20+ models of Linksys Smart Wi-Fi routers? Bad news. 10 security holes discovered

Fighting cyber crime

Wellington Student Arrested for Selling Drugs on the Darknet

Longest sentence ever handed out for hacking: Roman Seleznev Sentenced to 27 Years

Long-sought fugitive admits role in $200M credit card fraud