A security researcher discovered an SQL injection vulnerability in the Catwatchful stalkerware service, leading to the compromise of over 60,000 user accounts, including plaintext logins and passwords. After reporting the vulnerability, actions were taken to shut down the service and investigate its operators, highlighting the risks associated with such spyware applications.

Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.

A company known for selling spyware to monitor sex offenders has reportedly suffered a data breach, exposing sensitive information. The hack raises concerns about the security measures in place for companies dealing with sensitive data related to criminal monitoring.

A hard-coded API key was discovered in an AI note-taking app, leading to the exposure of users' private meeting transcripts. This vulnerability raises significant concerns about data security and user privacy within the application. Immediate actions are needed to address and rectify such security flaws to protect user information.

A data breach at Blue Shield of California has exposed the health information of millions of individuals to Google. The breach highlights significant concerns regarding data privacy and the security measures in place within large health insurance companies. Authorities are investigating the incident to assess the extent of the exposure and its implications.

Password Monitor is an open-source application that helps users verify if their passwords have been compromised in data breaches by integrating with Have I Been Pwned?. It prioritizes user privacy, does not collect personal data, and allows users to verify the integrity of the application files through SHA-256 hashing. The app features a modern design and supports both light and dark themes without ads.

Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, potentially transforming internet privacy by keeping user data encrypted at all times. Despite current limitations in speed and efficiency, rapid advancements suggest FHE could soon support secure cloud computing and confidential transactions, shifting the paradigm from data harvesting to user privacy.

LexisNexis, a major data broker, has reported a security breach that compromised the personal information of over 364,000 individuals. The exposed data included sensitive details, raising concerns about data privacy and security practices within the company.

A cybersecurity breach at University of Chicago Medicine may have exposed the personal information of 38,000 patients, including names, Social Security numbers, and medical data. The breach occurred in July 2024 through a third-party vendor, Nationwide Recovery Systems, which has since been terminated. UChicago Medicine is notifying affected patients by mail and has implemented measures to enhance security.

A significant data breach at Mango has exposed sensitive customer information, raising concerns about privacy and security. Investigations are ongoing to determine the full extent of the breach and its implications for affected users. Customers are advised to take precautions to safeguard their personal data in the wake of this incident.

Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.

AT&T has reached a settlement regarding data breaches that occurred between 2019 and 2024, which affected customer data and privacy. The agreement addresses compensation for affected individuals and outlines measures to enhance data security moving forward.

Brosix and Chatox, two messaging platforms, failed to uphold their promises of secure communication, exposing users' chats to potential breaches. This raises concerns about the reliability of privacy assurances from messaging services.

Legends International has informed customers and employees of a data breach resulting from a cyberattack. Compromised information includes personally identifiable information such as Social Security numbers, dates of birth, and payment details, although the specifics of the attack and the number of affected individuals remain unclear.

Nearly 250,000 individuals were impacted by a data breach at Medical Associates of Brevard, a healthcare organization in Florida. The BianLian ransomware group claimed responsibility for the attack, which involved the theft of personal and protected health information. The breach was discovered in January 2025, and the organization has since notified authorities and affected individuals.

The Tea app has suffered a major data breach, exposing over 59 GB of sensitive user data, including selfies and private messages, with a second database revealing 1.1 million messages exchanged between members. Initially intended as a safe platform for women, the leak has led to potential social engineering threats and the creation of a site for rating exposed selfies. Tea is collaborating with cybersecurity experts and law enforcement to address the incident and enhance security measures.

A security vulnerability in the Verizon Call Filter iOS app allowed unauthorized access to the call history of any Verizon customer by manipulating network requests, raising significant privacy and safety concerns for vulnerable individuals. The flaw was reported and promptly fixed by Verizon, highlighting the importance of securing sensitive user data in telecommunications.

A threat actor is reportedly selling a massive database containing 1.2 billion records from Facebook, raising significant privacy and security concerns. The breach includes personal information, such as phone numbers and user IDs, which could be exploited for various malicious activities. Experts are urging users to enhance their online security and remain vigilant against potential scams or breaches.

A significant data breach involving Prephero has compromised sensitive information, raising concerns about the security of user data. The incident highlights the ongoing risks associated with digital privacy and the need for enhanced cybersecurity measures.

Vodafone GmbH has been fined €45 million ($51.4 million) by Germany's data protection authority for privacy and security violations, including fraud committed by employees of partner agencies and vulnerabilities in its authentication systems. The company has since revamped its processes, severed ties with fraudulent partners, and cooperated fully with the investigation. Vodafone has also donated to organizations focused on data protection and media literacy.

Western Sydney University has experienced a significant data breach, marking the second such incident within a short period. The breach has raised concerns about the university's data security measures and the potential impact on affected individuals.

UK retail giant Co-op has confirmed that hackers have stolen all 6.5 million customer records, raising concerns about data security and privacy. The breach has prompted investigations and warnings for customers to monitor their accounts for suspicious activity.

A significant data breach at the Australian Human Rights Commission has resulted in the exposure of personal information, raising concerns about data security and privacy. The incident highlights vulnerabilities in handling sensitive information and the potential risks to individuals affected by the breach.

A dating app named Raw has come under scrutiny for exposing users' location data and personal information, raising serious concerns about privacy and data security. This breach has prompted discussions on the need for better protections in the dating app industry to safeguard user information against potential misuse.

Ascension has reported a significant data breach affecting the personal information of 437,329 patients due to a cyberattack. The exposed data includes sensitive details such as names, dates of birth, and medical information, prompting concerns about patient privacy and security. Authorities are investigating the incident while affected individuals are being notified.