Click any tag below to further narrow down your results
Links
Canon confirmed its U.S. subsidiary was targeted in the Oracle E-Business Suite hacking campaign. The incident affected only a web server, and no Canon data has been leaked so far. Other companies, including Cox Enterprises and Mazda, also reported impacts from the same campaign.
Poland faced a significant cyberattack where hackers accessed sensitive personal information from a loan platform, including national ID numbers and bank account details. Authorities are investigating the breach, urging affected users to change passwords and secure their data through a new government website.
LG Uplus has reported a suspected data breach to South Korea's KISA, following a pattern of cybersecurity issues among the country's major telecom operators. Investigations are ongoing, and recent reports suggest that hackers may have accessed data from thousands of servers. The situation highlights ongoing vulnerabilities in South Korea's cybersecurity framework.
Sax, a major US accounting firm, reported a data breach affecting about 220,000 individuals. The breach went undetected for over a year, raising concerns about the firm's cybersecurity measures and the potential exposure of sensitive personal and financial information.
Central Maine Healthcare reported a data breach affecting over 145,000 patients, compromising personal, treatment, and health insurance information. The breach was discovered on June 1, 2025, but the intrusion lasted several months. The organization has since notified affected individuals and offered credit monitoring services.
A data breach has exposed sensitive information from about 17.5 million Instagram accounts, including usernames, email addresses, phone numbers, and physical addresses. This information is being traded on the dark web, raising risks for identity theft and phishing attacks. Users are advised to enable two-factor authentication and change their passwords.
Nicholas Moore, a 24-year-old from Springfield, Tennessee, is set to plead guilty to hacking the U.S. Supreme Court’s electronic filing system multiple times. Between August and October 2023, he accessed a protected computer without authorization on 25 different occasions. Details about the specific information he obtained remain unclear.
Hackers accessed personal information of about 27,500 individuals from the University of Sydney's online code library. The stolen data includes names, addresses, and job details of current and former staff, as well as some alumni and students from 2010-2019. The university is investigating the breach and notifying those affected.
DXS International, a tech provider for NHS England, reported a cyberattack that compromised its office servers. A ransomware group claimed responsibility, alleging they stole 300 gigabytes of data, though the extent of the breach and any impact on patient information remains unclear.
Delta Dental of Virginia has reported a data breach affecting approximately 146,000 individuals. Stolen information includes names, Social Security numbers, and health data, accessed through a compromised email account between March and April 2025. The company is offering a year of free identity protection services to those impacted.
This article examines the traits that make ransomware groups effective, highlighting the role of automation, customization, and advanced tools. It discusses how these elements contribute to their financial success and ability to bypass defenses, ultimately shaping security strategies for enterprises.
A ransomware attack on Conduent has compromised the personal information of at least 15.4 million people in Texas and another 10.5 million in Oregon, significantly more than initially reported. The stolen data includes names, Social Security numbers, and medical information. Conduent is still notifying affected individuals and has faced criticism for its lack of transparency.
Hackers accessed the Pierce County Library System's network in April 2025, compromising personal information of over 340,000 patrons, employees, and their family members. The stolen data includes names, Social Security numbers, and financial details. Affected individuals will receive free credit monitoring for a year.
Japanese companies, including Asahi Holdings and Askul, are struggling to recover from ransomware attacks that have caused significant operational disruptions. Many firms are experiencing prolonged recovery times, shipment delays, and potential data breaches, highlighting vulnerabilities in their cybersecurity defenses.
The Everest ransomware group claims to have stolen over 1TB of data from ASUS, including sensitive camera source code and internal tools. ASUS confirmed the breach originated from a third-party supplier, asserting that it does not affect customer products or user privacy.
Fintech firm Marquis is seeking compensation from SonicWall after a breach at the firewall provider exposed critical data, enabling hackers to steal customer information during a ransomware attack. Marquis confirmed that it stored a backup of its firewall configuration in SonicWall's cloud, linking the two incidents. SonicWall has requested evidence to support Marquis' claims.
This article outlines the rise of infostealers as a major threat to identity security, highlighting their role in ransomware and data breaches. It offers practical strategies for detecting and managing these attacks, emphasizing the importance of monitoring stolen identities and utilizing operational intelligence.
Nissan has confirmed that a data breach at Red Hat led to the exposure of information for about 21,000 customers in Fukuoka, Japan. The leaked data includes names, addresses, phone numbers, and email addresses, but no financial information was compromised. This incident marks Nissan's second cybersecurity issue this year.
New Zealand's health minister has initiated a review of a cyberattack on ManageMyHealth, potentially exposing the data of over 100,000 patients. The company, which manages health records for nearly 1.85 million people, is working with cybersecurity experts to assess the breach and safeguard data. A hacker claiming responsibility has threatened to release stolen data unless a ransom is paid.
The University of Phoenix reported a data breach affecting 3.5 million individuals, discovered in November 2025 after cybercriminals targeted its systems over the summer. Compromised data includes names, birth dates, Social Security numbers, and bank information, though no leaked data has surfaced publicly. Other universities were also affected by the same campaign.
Askul, a Japanese e-commerce and logistics company, suffered a ransomware attack in October, compromising over 700,000 records. The RansomHouse group claimed responsibility and leaked data after the company refused to pay a ransom. The breach affected both customer and business partner information, disrupting logistics and operations.
Iberia has reported a data breach linked to a third-party supplier, exposing customer information like names, emails, and loyalty IDs. The airline confirmed that financial data and customer passwords were not compromised. A hacker claims to be selling 77 GB of Iberia's internal data, including sensitive technical files.
Freedom Mobile reported a data breach affecting its customer account management platform, where attackers accessed personal information of some customers. The compromised data includes names, addresses, phone numbers, and account numbers. Although no misuse of the data has been confirmed, the company advises affected customers to remain vigilant against suspicious communications.
A cyberattack on ApolloMD in May 2025 compromised the personal information of over 626,000 individuals. Hackers accessed files containing sensitive data, including names, addresses, and health insurance details, with some Social Security numbers also at risk.
The Akira ransomware group hacked Fieldtex Products, stealing over 14 GB of data, including sensitive health information. The breach, disclosed by Fieldtex, impacts 238,615 individuals, with data such as names, addresses, and insurance details compromised.
Betterment revealed that hackers accessed customer personal information through a social engineering attack. The breach allowed the attackers to send fake notifications to users about a crypto scam, although no account logins or passwords were compromised. The company is investigating the incident and has advised affected customers to ignore the fraudulent messages.
Covenant Health suffered a data breach in May 2025, affecting over 478,000 individuals. The Qilin ransomware group claimed responsibility and released stolen data, which includes personal and health information. The breach was initially reported to involve only 7,800 individuals.
Grubhub has confirmed a data breach where hackers accessed its systems and are now demanding a Bitcoin ransom. The company is investigating and has partnered with a cybersecurity firm while assuring that sensitive customer information was not compromised. Sources indicate that the ShinyHunters group is behind the extortion.
A recent AWS report identifies major security issues in cloud systems, with human errors and operational misconfigurations leading to data breaches. Despite widespread cloud adoption, concerns about cybersecurity and integration challenges persist among businesses. The report underscores the need for organizations to address these vulnerabilities as they transition to cloud-based solutions.
Brightspeed is looking into claims from the Crimson Collective that they stole data from over 1 million customers. The hackers say the breached information includes personal details, payment history, and user account information. Brightspeed is committed to keeping stakeholders informed as the investigation unfolds.
A hacker named Lovely claims to have accessed a Condé Nast database, leaking over 2.3 million user records and threatening to release an additional 40 million. While Condé Nast has been accused of neglecting security, a counterargument suggests the hacker is a criminal seeking a payoff. This breach adds to a troubling trend of cybersecurity incidents affecting high-profile companies.
The Everest ransomware group claims to have hacked Nissan, releasing screenshots of internal files and directory structures. They are demanding a response within five days or they will leak the data online. This incident adds to Nissan's history of cybersecurity breaches.
Dentsu announced a data breach affecting its subsidiary, Merkle, with hackers stealing sensitive files related to clients, suppliers, and employees. The breach was detected after unusual activity on the network, prompting immediate action and system shutdowns. Affected individuals will receive notifications and dark web monitoring services.
Hackers known as ShinyHunters leaked data from over 5 million Panera Bread customers after failing to extort the company. The breach, which involved compromised single-sign-on credentials, includes email addresses, names, and phone numbers. Experts warn this poses significant risks for further phishing and identity theft attacks.
Fintech firm Marquis reported a ransomware attack that compromised customer data for dozens of U.S. banks and credit unions. At least 400,000 individuals had their personal and financial information stolen, primarily due to a vulnerability in Marquis's SonicWall firewall. The number of affected customers is expected to increase as more notifications are filed.
The ICE-tracking service StopICE accused a CBP agent of hacking its platform to send alarming text messages to users, falsely claiming their information was compromised. The app's developer, Sherman Austin, denied the allegations and stated that StopICE does not store personal data. The service has faced numerous DDoS attacks and claims to have traced the hacking attempt back to the agent's server.
Coupang, South Korea's largest e-commerce platform, announced a data breach affecting 33.7 million customer accounts. The breach exposed personal information but not payment details, and a former employee is suspected to be involved. The government is investigating potential violations of data protection regulations.
Harvard University reported a data breach affecting alumni, donors, and some students due to a voice phishing attack. Compromised data includes personal details like email addresses and home addresses, but financial information and passwords were not affected. The university warns that this information could be used for further phishing attempts.
Javier Checa, CISO for Equifax in Europe, discusses the company's significant cybersecurity overhaul following the 2017 data breach that affected 147 million people. He highlights investments in cloud technology, a security-first culture, and the importance of transparency and collaboration in rebuilding trust.
A data breach at Coupang exposed the personal information of 33.7 million customers, traced back to a former employee who retained access after leaving. The breach, discovered in November 2025, has prompted police investigations and led to the CEO's resignation. Phishing incidents have surged in South Korea as a result.
Logitech has confirmed a data breach linked to the Clop extortion gang, which exploited a vulnerability in Oracle E-Business Suite. The stolen data may include limited employee and customer information, but sensitive data like credit card details was not compromised. This breach follows a trend of similar attacks targeting organizations through zero-day vulnerabilities.
A hacktivist group claims to have leaked 2.3TB of data affecting 36 million Mexicans. The government denies the severity, stating the exposed information is outdated and comes from previous breaches, with no sensitive data currently at risk.
Princeton University experienced a data breach on November 10, affecting a database with personal information of alumni, donors, faculty, and students. While no sensitive financial data or passwords were compromised, the breach resulted from a phone phishing attack on an employee. The university is notifying those impacted and investigating the incident.
Endesa, a major Spanish energy company, reported a data breach where hackers accessed and stole sensitive customer information, including national ID numbers and payment details. The breach affected millions of customers across Europe, prompting concerns over identity theft and security negligence.
Aflac reported a data breach impacting 22.65 million individuals. Hackers accessed sensitive information including names, Social Security numbers, and medical data. The company is offering affected individuals two years of free credit monitoring and identity theft protection.
Conduent revealed a cyberattack that may have compromised sensitive data of around 10 million individuals. The breach, linked to the SafePay ransomware group, lasted nearly three months and exposed various personal and health information, particularly affecting residents in states like Texas and Washington.
A data breach at Vitas Hospice exposed personal information of over 319,000 current and former patients, including names, addresses, and Social Security numbers. It's uncertain if the breach involved ransomware, as no group has claimed responsibility.
Hyundai AutoEver America reported a data breach that exposed personal information, including Social Security Numbers and driver's licenses. The company detected the intrusion on March 1, 2025, after hackers accessed its systems starting February 22. Approximately 2,000 individuals, mainly current and former employees, were affected.
A data breach at SitusAMC, a vendor processing mortgage data, has raised alarms among major banks like JPMorgan, Citi, and Morgan Stanley regarding potential customer data exposure. The breach, discovered on November 12, involved access to sensitive corporate and possibly client information, prompting ongoing investigations and heightened security measures.
France’s data regulator fined Free SAS and Free Mobile a total of $48 million for failing to secure personal data after a hacker accessed sensitive information of 24 million subscribers. The companies violated GDPR rules by not properly notifying customers about the breach and had inadequate security measures in place. They plan to appeal the decision, claiming the penalties are excessive.
The OnSolve CodeRED emergency alert system experienced a ransomware attack by the Inc Ransom group, leading to significant disruptions and a data breach. Affected cities and law enforcement agencies reported an inability to send emergency notifications, prompting a swift response from OnSolve to transition customers to a new platform.
Ingram Micro reported that a July 2025 ransomware attack affected 42,521 employees and job applicants, exposing personal and employment-related data. The attack, claimed by the group SafePay, led to significant operational disruptions and customer dissatisfaction due to poor communication.
LKQ Corporation has confirmed a data breach affecting over 9,000 individuals due to a cyberattack targeting Oracle's E-Business Suite. The compromised information includes sensitive personal details like Social Security Numbers and Employer Identification Numbers. The company reported that several terabytes of data were stolen, and this incident follows a previous attack on LKQ last year.
Kyowon Group, a major South Korean conglomerate, confirmed a ransomware attack that compromised customer data. The incident affected around 600 of its 800 servers, and while some data was stolen, the company has not confirmed if customer information was included. They are currently investigating the breach and working to restore services.
Cox Enterprises disclosed a data breach affecting 9,479 individuals after hackers exploited a zero-day vulnerability in Oracle E-Business Suite. The breach occurred in August, but the company only detected it in late September. Cl0p ransomware has claimed responsibility for the attack.
CIRO reported that a cybersecurity breach has compromised data for approximately 750,000 individuals. The incident raises concerns about data security and potential impacts on those affected. More details about the breach and its implications are expected to follow.
Logitech confirmed a data breach after being named a victim in the Cl0p ransomware attack related to Oracle's EBS vulnerabilities. The breach may involve limited employee and consumer data, but the company asserts that sensitive information like credit card details was not affected. Logitech does not expect significant financial repercussions from this incident.
British telco Brsk is looking into a data breach that reportedly exposed over 230,000 customer records. The stolen information includes names, addresses, and vulnerability indicators, but no financial data was compromised. Affected customers are being offered free fraud protection services.
A hacktivist scraped over 536,000 payment records from a stalkerware provider, revealing customer email addresses and partial payment details. The data includes transactions for apps like uMobix and Xnspy, which are used to spy on individuals illegally. The breach highlights ongoing security failures within the stalkerware industry.
The Richmond Behavioral Health Authority reported a ransomware attack that compromised the personal information of over 113,000 individuals. Stolen data includes names, Social Security numbers, and health information. The Qilin ransomware group has claimed responsibility for the attack.
Protei, a Russian telecom company specializing in surveillance technology, was hacked, resulting in data theft and website defacement. The breach exposed around 182 gigabytes of files, including sensitive emails, and was linked to the company's involvement with deep packet inspection systems used for censorship. The hacker's identity remains unknown.
This article explains the differences between threat intelligence and threat hunting in cybersecurity. Threat intelligence focuses on external threats and informs defenses, while threat hunting actively seeks out threats already within an organization. Both practices work together to enhance security measures.
Billions of stolen cookies are currently for sale online, with a significant percentage remaining active and exploitable, posing serious security risks to users. Cybercriminals can use these cookies to gain unauthorized access to personal accounts and sensitive data, often bypassing traditional security measures like multi-factor authentication. Experts recommend being cautious with cookie acceptance and maintaining updated security practices to mitigate these threats.
Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.
Andy Frain Services, a security firm, revealed that a ransomware attack by the Black Basta group has affected over 100,000 individuals, with sensitive information likely compromised. The breach, discovered in October 2024, involved the theft of 750 GB of data, prompting the company to offer credit monitoring and identity restoration services to those impacted.
The article outlines a timeline of significant events related to SK Telecom's recent data breach, detailing the implications for the company and its customers. It highlights the response measures taken by SK Telecom and the broader impact on the telecommunications industry in South Korea.
Recent reports of a massive credentials leak are misleading, as the exposed data comprises previously stolen credentials collected over time from infostealers and data breaches, rather than a new data breach. Users are advised to maintain good cybersecurity practices, including using unique passwords and enabling two-factor authentication to protect their accounts from potential threats.
Connex Credit Union has reported a data breach impacting 172,000 individuals, with hackers likely stealing personal information such as names, account numbers, and Social Security numbers. The breach was detected on June 3, and while no unauthorized access to member accounts has been found, the organization is warning customers about potential scam calls and messages.
Verizon's report emphasizes a significant oversight in mobile cybersecurity, revealing that organizations often neglect mobile security despite the rise of smishing attacks. With a high percentage of employees falling victim to these attacks, the report calls for better security practices and awareness to mitigate risks associated with personal mobile devices.
A security researcher discovered an SQL injection vulnerability in the Catwatchful stalkerware service, leading to the compromise of over 60,000 user accounts, including plaintext logins and passwords. After reporting the vulnerability, actions were taken to shut down the service and investigate its operators, highlighting the risks associated with such spyware applications.
Hawaiian Airlines reported a cybersecurity incident affecting its IT systems, discovered on June 23, but confirmed that flights continue to operate safely. Experts suggest the attack may be linked to the Scattered Spider group, known for targeting various industries, and the airline is working with authorities to investigate the breach.
Manpower, a major staffing agency, has disclosed a data breach affecting nearly 145,000 individuals after attackers accessed its systems in late December 2024. The RansomHub ransomware group claimed responsibility for the attack, reportedly stealing around 500GB of sensitive data, including personal client information. In response, Manpower is enhancing its IT security and offering affected individuals free credit monitoring services.
DaVita, a leading kidney dialysis provider in the U.S., reported a ransomware attack that encrypted parts of its network and affected some operations over the weekend. The company activated response protocols to contain the incident and continues to provide patient care while investigating the breach's full scope, which may involve stolen patient data.
Valsoft Corporation has reported a data breach affecting over 160,000 individuals, discovered on February 14, 2025. The breach involved unauthorized access to a non-production network of its subsidiary, Aspire USA, where personal information such as names, Social Security numbers, and financial details were compromised. The company is offering 12 months of free credit monitoring and has implemented enhanced security measures following the incident.
PowerSchool has reported that the hacker behind a December cyberattack is now extorting individual school districts, threatening to release stolen student and teacher data unless a ransom is paid. Despite previously paying a ransom to prevent such an incident, PowerSchool acknowledges that the threat actor has not kept their promise to delete the data, leading to renewed extortion attempts against affected schools.
Insight Partners has confirmed that a ransomware attack in January compromised the personal data of over 12,000 individuals, including employees and limited partners. The breach, initially described as a "sophisticated social engineering attack," involved unauthorized access to HR and finance servers, with details of the stolen data remaining undisclosed. The firm has since enhanced its security measures and offered credit monitoring to those affected.
GlobalX, a charter airline involved in deportation flights for the U.S. government, experienced a cybersecurity breach resulting in the potential theft of flight records and passenger manifests. The company has activated its incident response protocols and is investigating the scope of the attack while maintaining that its operations have not been disrupted. Reports suggest the attackers may have already leaked information regarding the incident.
Onsite Mammography, a Massachusetts medical provider, has reported a data breach that has compromised the personal and health information of over 350,000 patients. The breach, discovered in October 2024, involved unauthorized access to an employee's email account, leading to exposure of sensitive data including Social Security numbers and medical information. The company is offering affected individuals 12 months of free credit monitoring and identity protection services.
A 19-year-old college student, Matthew D. Lane, pleaded guilty to charges related to a cyberattack on PowerSchool that extorted millions by threatening to leak sensitive personal data of millions of students and teachers. The attack involved breaching a telecommunications company to access and steal confidential information before demanding a ransom from PowerSchool and subsequently targeting individual school districts for further extortion.
The Alcohol & Drug Testing Service (TADTS) has reported a data breach affecting approximately 750,000 individuals, following a ransomware attack in July 2024. Compromised data includes sensitive personal information such as Social Security numbers, financial details, and health insurance information.
Laboratory Services Cooperative has reported a significant data breach affecting 1.6 million individuals, with personal and medical information stolen during an October 2024 cyberattack. The organization is providing affected individuals with free credit monitoring and identity protection services while monitoring the dark web for any misuse of the stolen data.
French retailer Auchan has been targeted by a significant cyberattack, resulting in compromised customer data and operational disruptions. The incident highlights the increasing vulnerability of retail businesses to cyber threats, prompting a call for enhanced security measures and response strategies in the industry.
The article discusses a ransomware attack targeting SimpleHelp, compromising its infrastructure and impacting users. This incident highlights the ongoing threats posed by ransomware and the importance of cybersecurity measures for businesses and service providers.
IdeaLab has confirmed that sensitive data was stolen during a ransomware attack last October, attributed to the Hunters International group. The breach affected current and former employees and contractors, with 137,000 files leaked on the dark web, prompting the company to offer identity theft protection to impacted individuals.
The Zurich-based non-profit health foundation Radix suffered a ransomware attack that compromised the data of several Swiss federal offices. The Sarcoma ransomware group released 1.3TB of stolen data on the dark web after ransom demands were ignored, although the Swiss National Cyber Security Center confirmed that Radix did not have direct access to federal systems.
A ransomware attack in Ohio has disrupted the operations of a local government agency, affecting over 45,000 residents. The attack has prompted an investigation and raised concerns about cybersecurity measures in place to protect sensitive information.
A significant data breach has been reported at the Bangalore Water Supply and Sewerage Board, compromising the personal information of over 290,000 citizens. The cybersecurity firm CloudSEK discovered this vulnerability, raising concerns about the potential misuse of the sensitive data exposed in the breach.
A Michigan rural health system has notified approximately 140,000 patients of a data breach resulting from a hacking incident. The breach highlights ongoing concerns regarding cybersecurity in the healthcare sector, particularly the risks associated with unauthorized access to protected health information.
Allianz Life has reported a significant data breach affecting approximately 1.1 million customers. The breach allegedly involved unauthorized access to sensitive personal information, raising concerns about data security and privacy for those impacted.
Farmers Insurance has reported a data breach that compromised the personal information of more than one million individuals, including names, addresses, dates of birth, and Social Security numbers. The breach was discovered shortly after the data theft occurred, but it remains unclear whether a third-party vendor was involved in a ransomware attack.
Mainline Health Systems and Select Medical Holdings have reported data breaches affecting over 100,000 individuals. Mainline Health's breach was linked to the Inc Ransom ransomware group, while Select Medical's data exposure resulted from a security incident involving a former vendor.
A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.
The article delves into the Gentlemen ransomware, exploring its modus operandi and the tactics employed by its operators. It highlights the impact of such ransomware on victims and discusses the broader implications for cybersecurity and ransomware trends.
Dell has acknowledged that hackers leaked data from a compromised demo environment, but insists the information is synthetic and does not include any sensitive data. The breach was linked to the WorldLeaks group, which claimed to have stolen 1.3 terabytes of information. Dell emphasizes that the compromised environment is separate from its main systems and contains only non-sensitive information.
French retailer Auchan has reported a data breach affecting several hundred thousand customers, compromising sensitive information linked to loyalty accounts, such as names, addresses, and contact details. The company has notified affected individuals and the French Data Protection Authority, advising them to be cautious of potential phishing attempts. However, bank data and passwords remain secure following the incident.
A critical vulnerability in file transfer protocols has been exploited, leading the Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert. The flaw allows unauthorized access and potential data breaches, prompting organizations to update their systems and mitigate risks immediately.
Medusa ransomware has been linked to a significant data breach at Comcast, exposing sensitive customer information. The breach highlights the increasing vulnerabilities of large corporations to cyberattacks and the need for enhanced security measures.
A data breach at Canadian airline WestJet has compromised the personal information of approximately 1.2 million passengers. The airline is investigating the incident and has notified affected individuals about the potential risks to their data security.
Coinbase experienced a significant data breach in 2025 that compromised the personal information of nearly 70,000 users due to unauthorized access by outsourced call center agents in India. The attackers leveraged social engineering tactics, leading to a rise in phishing attempts, while Coinbase faced estimated remediation costs between $180 million to $400 million and launched a bounty for information on the perpetrators. The incident has sparked discussions on the vulnerabilities associated with outsourcing sensitive customer data management.
Fairmont Federal Credit Union in West Virginia has notified approximately 187,000 individuals of a data breach that exposed sensitive personal information, including Social Security numbers and financial details. The breach, detected in January 2024, is linked to vulnerabilities in third-party software or employee phishing attacks, highlighting the ongoing cybersecurity challenges faced by smaller financial institutions. Affected individuals are being offered credit monitoring services while investigations into potential negligence and class-action claims are underway.