Polyverse Weekly Breach Report

Jul 2, 2018 | By Shaina Raskin

A snapshot look at the breaches and reported vulnerabilities of last week


A page on Comcast’s Xfinity website exposed customer account information to anyone on that customer’s network. Comcast shut down the API after it was alerted to the leak. To read more:

Ticketmaster UK

Ticketmaster UK alerted customers that it had found malicious software on Inbenta, a support-chat tool used to help major websites interact with their customers. Ticketmaster said that a hacker had accessed a small percentage of customers’ data. To read more:


This Linux distro alerted users that someone had managed to break into the organization’s GitHub account and modify the open-source project’s data. Gentoo does not yet know the extent of the modifications, and is working to regain control of the organization and its repositories. To read more:

Law-enforcement data

A data breach at an active-shooter training center exposed the personal data of thousands of US law-enforcement officials. To read more:


This popular betting platform left a password list for its back-office systems on its website. The site has since removed the document. To read more:


This marketing company left two terabytes of sensitive data exposed on the internet. The data included personal information on 230 million consumers and 110 million business contacts. To read more:


Adidas alerted customers who purchased from its website of a data breach. The hackers acquired data including contact information, usernames and encrypted passwords. To read more:


This online-survey and form-building service announced a data breach after an attacker downloaded a backup file containing sensitive customer information. To read more:


This secure-email provider faced multiple outages last week due to a wave of DDoS attacks. Researchers tracked the hacking group to Russia. To read more:

Reported Vulnerabilities


Cisco is urging users to install the fix for a recently disclosed denial-of-service flaw affecting many of its security appliances. To read more:


Researchers published three attacks against the mobile communication standard LTE, a first-generation type of 4G technology. To read more:


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.