A hacker claims to have accessed and plans to sell about 1.2 million lines of personal data from the University of Pennsylvania, including donor information and internal documents. They assert that financial gain, not ideological motives, drove the breach, distancing themselves from previous university hacks linked to anti-diversity efforts.

A 16TB unsecured MongoDB database was discovered, containing around 4.3 billion professional records, primarily linked to personal data like emails and job histories. Researchers believe this data could facilitate targeted cyber attacks, including phishing and corporate fraud. The database's ownership is still unclear, but it may belong to a lead-generation company.

A massive data breach allegedly linked to Under Armour has exposed the email addresses and personal details of over 72 million people. The Everest ransomware group claims responsibility, and the leaked data includes sensitive information like names, addresses, and purchase history, raising concerns about identity theft and phishing.

A data breach at 700Credit has compromised the personal information of at least 5.6 million individuals, including names and Social Security numbers. The breach, attributed to an unknown hacker, involved data collected from auto dealerships between May and October 2025. Affected individuals are encouraged to take protective measures, such as credit monitoring.

Tokyo FM Broadcasting Co. was hacked on January 1, 2026, with a group claiming to have stolen over 3 million records. The stolen data includes names, birthdays, email addresses, IP addresses, and internal login IDs, raising significant security concerns for listeners and employees. Verification of the claims is still pending.

Conduent revealed a cyberattack that may have compromised sensitive data of around 10 million individuals. The breach, linked to the SafePay ransomware group, lasted nearly three months and exposed various personal and health information, particularly affecting residents in states like Texas and Washington.

Petco reported a data breach that compromised customer personal information due to a software application error. The company is offering free credit monitoring to affected individuals but hasn't disclosed how many customers were impacted or what specific data was exposed.

French retailer Auchan has reported a data breach affecting several hundred thousand customers, compromising sensitive information linked to loyalty accounts, such as names, addresses, and contact details. The company has notified affected individuals and the French Data Protection Authority, advising them to be cautious of potential phishing attempts. However, bank data and passwords remain secure following the incident.

Hackers have leaked personal data of approximately 86 million AT&T customers, including names, addresses, and decrypted Social Security numbers. The breach has raised significant concerns about data security and the implications for affected individuals. AT&T has not confirmed the authenticity of the leaked data but is investigating the incident.

UAP has confirmed a ransomware attack that compromised personal data and email correspondence of its users. The breach raises concerns over data security and the potential misuse of sensitive information. UAP is currently investigating the incident and taking measures to enhance security protocols.

A significant data breach at the UK's Legal Aid Agency has exposed millions of personal records from legal aid applicants dating back to 2010, including addresses and financial information. The Ministry of Justice confirmed the attack was detected in late April but the extent of the breach was only understood mid-May, prompting advice for affected individuals to be vigilant against potential scams. The agency is currently working to enhance security and has taken its online services offline to protect users.

Allianz Life has reported that hackers stole personal information from the majority of its 1.4 million North American customers through a cyber-attack that exploited a third-party CRM system. The company has taken immediate action to contain the breach and is notifying affected individuals, while stating that its own systems remain secure.

Zoomcar, India's largest car-sharing app, has reported a significant data breach affecting 8.4 million customers. The exposed information includes names, phone numbers, and personal addresses, though the company asserts that sensitive financial data was not compromised. In response, Zoomcar is enhancing its security measures to prevent future incidents.

Prospect, a UK trade union, has notified its members of a data breach that exposed sensitive personal information, including sexual orientation and disabilities, affecting up to 160,000 individuals. The breach occurred in June 2025, but members were only informed recently, and the union is offering credit and identity monitoring services to mitigate risks. Prospect is actively investigating the incident and has advised members to enhance their personal security measures.

Hertz has confirmed that a data breach has resulted in the theft of customers' personal data, including drivers' licenses. The company is currently investigating the incident and working to notify affected individuals. This breach raises concerns about data security within the car rental industry.