Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.

Wealthsimple, a Canadian financial services firm, has reported a data breach affecting the personal data of less than 1% of its customers. The company confirmed that no funds or passwords were compromised, and it is offering affected users two years of complimentary credit monitoring and security advice. The breach was linked to a third-party software package and is not related to ongoing Salesforce data theft incidents.

Hackers are employing a sophisticated phishing technique that leverages legitimate Microsoft links and Active Directory Federation Services (ADFS) to redirect users to a counterfeit site designed to steal Microsoft 365 logins. By utilizing a trusted domain for redirection, attackers can bypass standard security measures, including multi-factor authentication. Researchers recommend monitoring for ADFS redirects and scrutinizing Google ads for potential malicious links.

The State Bar of Texas has reported a data breach after the INC ransomware gang claimed responsibility and leaked samples of stolen data. The breach occurred between January 28 and February 9, 2025, but was only discovered on February 12, leading to notifications sent to affected members and the offer of credit monitoring services.

Kelly Benefits has reported a data breach affecting over 550,000 customers, where unauthorized access to its IT systems occurred between December 12-17, 2024. The compromised information includes personal details such as names, Social Security numbers, and health insurance data, prompting the company to offer credit monitoring services to affected individuals.

Chess.com reported a data breach involving unauthorized access to a third-party file transfer application, affecting over 4,500 users' personally identifiable information. The platform has emphasized that its own infrastructure remains secure and no financial data was compromised, while offering impacted users identity theft protection services. Previous incidents include a massive scraping of user data due to an API flaw in November 2023.