Skip to content
Cyber Breaches
Search
Data breachResolved

Staminus data breach (2016)

In March 2016, the DDoS protection service Staminus was "massively hacked" resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data.

Victim
Staminus
records
26.8K
SectorFinance

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2016-03-11, Staminus was affected by a data breach. Approximately 26,815 accounts were exposed. In March 2016, the DDoS protection service Staminus was "massively hacked" resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Staminus
  2. staminus.nethttps://staminus.net

Related incidents

Data breachResolved

Data Enrichment Records data breach (2016)

In December 2016, more than 200 million "data enrichment profiles" were found for sale on the darknet. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other…

Victim
Data Enrichment Records
Records
8.2M
Data breachResolved

NemoWeb data breach (2016)

In September 2016, almost 21GB of data from the French website used for "standardised and decentralized means of exchange for publishing newsgroup articles" NemoWeb was leaked from what appears to have been an unprotected Mongo DB.

Victim
NemoWeb
Records
3.5M
Data breachResolved

MDPI data breach (2016)

In August 2016, the Swiss scholarly open access publisher known as MDPI had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses.

Victim
MDPI
Records
845.0K
Data breachResolved

Regpack data breach (2016)

In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number.

Victim
Regpack
Records
105.0K