Sax, a major US accounting firm, reported a data breach affecting about 220,000 individuals. The breach went undetected for over a year, raising concerns about the firm's cybersecurity measures and the potential exposure of sensitive personal and financial information.

Proxyearth is a website that allows users to find detailed personal information about any Indian citizen using just their mobile number. It reveals sensitive data, including Aadhaar numbers and home addresses, raising serious concerns about privacy and security in India. The tool likely exploits past data breaches, putting millions at risk of surveillance and profiling.

Moltbook, a social network for AI agents, suffered a major security breach due to a misconfigured Supabase database, exposing 1.5 million API keys and personal data of 17,000 human users. The incident highlights risks in quickly developed applications without adequate security measures.

A data breach at the Minnesota Department of Human Services exposed the private information of nearly 304,000 individuals. While there’s no evidence of misuse, the state is monitoring for fraudulent activity and has advised those affected to check their health care statements and credit reports.

Researchers found a significant security flaw in WhatsApp that allowed hackers to easily access phone numbers and some profile information for all 3.5 billion users. Despite being warned about the issue since 2017, Meta only implemented a fix in October 2023. Users are urged to review their privacy settings to protect their information.

CIRO reported that a cybersecurity breach has compromised data for approximately 750,000 individuals. The incident raises concerns about data security and potential impacts on those affected. More details about the breach and its implications are expected to follow.

Pornhub has alerted Premium members about potential sextortion emails following a data breach at a third-party analytics provider. While no passwords or payment info were leaked, users should be vigilant for blackmail attempts and follow safety guidelines if they receive suspicious emails.

A hacktivist scraped over 536,000 payment records from a stalkerware provider, revealing customer email addresses and partial payment details. The data includes transactions for apps like uMobix and Xnspy, which are used to spy on individuals illegally. The breach highlights ongoing security failures within the stalkerware industry.

A security researcher discovered an SQL injection vulnerability in the Catwatchful stalkerware service, leading to the compromise of over 60,000 user accounts, including plaintext logins and passwords. After reporting the vulnerability, actions were taken to shut down the service and investigate its operators, highlighting the risks associated with such spyware applications.

Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.

A company known for selling spyware to monitor sex offenders has reportedly suffered a data breach, exposing sensitive information. The hack raises concerns about the security measures in place for companies dealing with sensitive data related to criminal monitoring.

A hard-coded API key was discovered in an AI note-taking app, leading to the exposure of users' private meeting transcripts. This vulnerability raises significant concerns about data security and user privacy within the application. Immediate actions are needed to address and rectify such security flaws to protect user information.

A data breach at Blue Shield of California has exposed the health information of millions of individuals to Google. The breach highlights significant concerns regarding data privacy and the security measures in place within large health insurance companies. Authorities are investigating the incident to assess the extent of the exposure and its implications.

Password Monitor is an open-source application that helps users verify if their passwords have been compromised in data breaches by integrating with Have I Been Pwned?. It prioritizes user privacy, does not collect personal data, and allows users to verify the integrity of the application files through SHA-256 hashing. The app features a modern design and supports both light and dark themes without ads.

Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, potentially transforming internet privacy by keeping user data encrypted at all times. Despite current limitations in speed and efficiency, rapid advancements suggest FHE could soon support secure cloud computing and confidential transactions, shifting the paradigm from data harvesting to user privacy.

LexisNexis, a major data broker, has reported a security breach that compromised the personal information of over 364,000 individuals. The exposed data included sensitive details, raising concerns about data privacy and security practices within the company.

A cybersecurity breach at University of Chicago Medicine may have exposed the personal information of 38,000 patients, including names, Social Security numbers, and medical data. The breach occurred in July 2024 through a third-party vendor, Nationwide Recovery Systems, which has since been terminated. UChicago Medicine is notifying affected patients by mail and has implemented measures to enhance security.

A significant data breach at Mango has exposed sensitive customer information, raising concerns about privacy and security. Investigations are ongoing to determine the full extent of the breach and its implications for affected users. Customers are advised to take precautions to safeguard their personal data in the wake of this incident.

Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.

Brosix and Chatox, two messaging platforms, failed to uphold their promises of secure communication, exposing users' chats to potential breaches. This raises concerns about the reliability of privacy assurances from messaging services.

AT&T has reached a settlement regarding data breaches that occurred between 2019 and 2024, which affected customer data and privacy. The agreement addresses compensation for affected individuals and outlines measures to enhance data security moving forward.

Legends International has informed customers and employees of a data breach resulting from a cyberattack. Compromised information includes personally identifiable information such as Social Security numbers, dates of birth, and payment details, although the specifics of the attack and the number of affected individuals remain unclear.

Nearly 250,000 individuals were impacted by a data breach at Medical Associates of Brevard, a healthcare organization in Florida. The BianLian ransomware group claimed responsibility for the attack, which involved the theft of personal and protected health information. The breach was discovered in January 2025, and the organization has since notified authorities and affected individuals.

The Tea app has suffered a major data breach, exposing over 59 GB of sensitive user data, including selfies and private messages, with a second database revealing 1.1 million messages exchanged between members. Initially intended as a safe platform for women, the leak has led to potential social engineering threats and the creation of a site for rating exposed selfies. Tea is collaborating with cybersecurity experts and law enforcement to address the incident and enhance security measures.

A security vulnerability in the Verizon Call Filter iOS app allowed unauthorized access to the call history of any Verizon customer by manipulating network requests, raising significant privacy and safety concerns for vulnerable individuals. The flaw was reported and promptly fixed by Verizon, highlighting the importance of securing sensitive user data in telecommunications.

A threat actor is reportedly selling a massive database containing 1.2 billion records from Facebook, raising significant privacy and security concerns. The breach includes personal information, such as phone numbers and user IDs, which could be exploited for various malicious activities. Experts are urging users to enhance their online security and remain vigilant against potential scams or breaches.

A significant data breach involving Prephero has compromised sensitive information, raising concerns about the security of user data. The incident highlights the ongoing risks associated with digital privacy and the need for enhanced cybersecurity measures.

Vodafone GmbH has been fined €45 million ($51.4 million) by Germany's data protection authority for privacy and security violations, including fraud committed by employees of partner agencies and vulnerabilities in its authentication systems. The company has since revamped its processes, severed ties with fraudulent partners, and cooperated fully with the investigation. Vodafone has also donated to organizations focused on data protection and media literacy.

Western Sydney University has experienced a significant data breach, marking the second such incident within a short period. The breach has raised concerns about the university's data security measures and the potential impact on affected individuals.

UK retail giant Co-op has confirmed that hackers have stolen all 6.5 million customer records, raising concerns about data security and privacy. The breach has prompted investigations and warnings for customers to monitor their accounts for suspicious activity.

A significant data breach at the Australian Human Rights Commission has resulted in the exposure of personal information, raising concerns about data security and privacy. The incident highlights vulnerabilities in handling sensitive information and the potential risks to individuals affected by the breach.

A dating app named Raw has come under scrutiny for exposing users' location data and personal information, raising serious concerns about privacy and data security. This breach has prompted discussions on the need for better protections in the dating app industry to safeguard user information against potential misuse.

Ascension has reported a significant data breach affecting the personal information of 437,329 patients due to a cyberattack. The exposed data includes sensitive details such as names, dates of birth, and medical information, prompting concerns about patient privacy and security. Authorities are investigating the incident while affected individuals are being notified.