After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident.

June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect.

Is this the start of the long-awaited ‘GDPR bounce’? We doubt it, but it’s certainly a step in the right direction.

Here’s a full list of every incident in the month of June:

Cyber attacks

• Security breach costs Ripple cryptocurrency holders 23 million XRP (12)
• The EU’s embassy in Moscow was hacked but the EU kept it a secret (unknown)
• Arizona-based Kingman Regional Medical Center says cyber attack could be responsible for its website shutting down (unknown)
• US Customs says border-crossers have had their photos stolen (unknown)
• Nova Scotia Health Authority caught in phishing attack (2,841)
• Account of schoolboard member at Hopkins Co., KY, school breached (7,000)
• Social planning platform Evite admits to data breach that was first reported in April (10 million)
• Philadelphia’s court system thrown into chaos by computer virus (unknown)
• Details on cyber attack against Symantec revealed: A ‘minor incident’?(unknown)
• Corporate espionage suspected as confidential data of New York company stolen in Mumbai (unknown)
• Australian Catholic University hit by phishing attack (unknown)
• EatStreet food ordering service discloses security breach (6 million)
• Hackers stole $1.75 million from church (unknown)
• Southest Kootenat school district reveals it was hit by Emotet in January(unknown)
• State-sponsored hackers steal data from more than a dozen telecoms orgs(unknown)
• Westwood, NJ, provides notice of 2018 malware attack (unknown)
• Key Biscayne becoming the latest Florida city to be hit by cyber attack(unknown)

Ransomware

• Pittsburgh-based Ellwood City Medical Center hit by ransomware (unknown)
• Edcouch, TX, government hit by ransomware attack (3,000)
• Ohio urologist pays hackers $75,000 after ransomware attack (unknown)
• Massachusetts-based software company discloses ransomware incident(unknown)
• Russia’s top three banks breach customer’s personal data (900,000)
• Riviera Beach? More like Riviera Breach, as Florida city pays hackers $600k after ransomware attack (unknown)
• Another Miami breach: Lake City pays $460,000 ransom demand (unknown)

Data breaches

• Broome Co., NY, government systems accessed by unauthorised party(unknown)
• Database misconfiguration at the University of Chicago exposes personal data(1,679,993)
• Jewish dating app JCrush kept user’s personal data and private message records in unprotected database (200,000)
• Aetna is only just now notifying Virginia employees of data breach it’s known about since December 2018 (238)
• Baltimore Co. Schools exposes sensitive data about students and staff members(+116,000)
• The Tech Data Corporation exposed 264GB of client servers, invoices, passwords (unknown)
• Shanghai Jiao Tong University leaks students’ email metadata (unknown)
• List of medical records from a Donegal hospital found in a bin (33)
• Critical flaw in Evernote add-on exposed user’s sensitive data (4.6 million)
• Canadian town notifies residents of privacy breach (2,345)
• Graceland University discloses data breach (unknown)
• Oregon State University also discloses data breach (636)
• Missouri Southern State University third college to disclose data breach over two-day span (unknown)
• Dublin Port Company investigating the source of a data leak (unknown)
• Employee at Temple University accidentally uploads student information onto Internet (160)
• Chicago-based healthcare centre left patient data in now-closed facility(unknown)
• Misconfigured database belonging to Indian job portal causes massive data breach (1.6 million)
• Ad agency exposed patients’ medical injury claim records (150,000)
• Two Maryland-based medical practices notify patients after accidental data disclosure (3,380)
• HIV patients’ data breached in NHS Highland email gaffe (37)
• Specsavers says Queensland customers’ private medical information has gone missing (unknown)
• Theta360 exposes user-uploaded photos (11 million)
• IT error at Creighton University exposes patient medical records (unknown)
• Virginia-based insurer Dominion National investigating data breach dating back to 2010 (unknown)
• Indiana-based healthcare facility says an employee was gaining unauthorised access to patient data (2,200)
• Taiwan’s civil service system reports data breach (240,000)
• Queensland Health launches investigation after medical files found on roadside(unknown)
• Woodbury’s Merrill Arts Center hit with data theft (unknown)

Financial information

• Leicester City FC fans’ financial details stolen in cyber attack (unknown)
• Attack on Westpac’s PayID system exposes Australians’ personal data (98,000)
• Australian National University detects data breach dating back 19 years(200,000)
• Parents of Nagle Catholic School warned about financial data breach (unknown)

Malicious insiders and miscellaneous incidents

• Canadian weight loss centre accidentally posts clients’ personal data online(unknown)
• Employee at dental clinic exposes customers’ data ‘to prove they were at work’(1,041)
• Alberta Health Services says an unauthorised person accessed patient data(6,129)
• Privacy breach at Canadian hospital as employee accesses an acquaintance’s medical records (1)
• Former employee at Canadian credit union stole customer data (2.9 million)
• File sharing site WeTransfer was accidentally sending data to the wrong users(unknown)
• Leaked video shows how patient data in Hong Kong hospitals can be publicly accessed (unknown)

In other news…

• Cryptocurrency start-up hacks itself before hacker gets the chance (unknown)
• Time for breach-reporting site Have I Been Pwned to ‘grow up’? It’s creator thinks so
• Unreleased Radiohead audio was held at ransom, so the band made it publicly available
• PainMD says it can’t access patient records because those with keys to the storage facility no longer work at the company (unknown)
• Anonymous hacker exposed after dropping USB stick while throwing Molotov cocktail (unknown)

Source: IT Governance