Pandora has confirmed a cyber attack that compromised customer data through a third-party vendor. The breach has raised significant security concerns as sensitive information may have been exposed, prompting the company to investigate the extent of the incident and reinforce its data protection measures.

WestJet is investigating a cyberattack that disrupted access to its internal systems and app, affecting user logins. The airline has activated specialized teams in collaboration with law enforcement to address the breach while ensuring safety and protecting sensitive data. Although some services have been restored, it remains unclear whether the incident was a ransomware attack or a precautionary shutdown of systems.

Wealthsimple, a Canadian financial services firm, has reported a data breach affecting the personal data of less than 1% of its customers. The company confirmed that no funds or passwords were compromised, and it is offering affected users two years of complimentary credit monitoring and security advice. The breach was linked to a third-party software package and is not related to ongoing Salesforce data theft incidents.

Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.

A critical vulnerability has been discovered in Salesforce's AgentForce, which could potentially allow unauthorized access to sensitive data. This flaw poses significant risks, prompting immediate attention and action from Salesforce to secure their systems and protect user information.

Google has warned users of the Salesloft Drift AI chat agent that their security tokens may be compromised following a breach that allowed attackers to access Google Workspace accounts. The situation is more extensive than initially reported, prompting Google to revoke affected tokens and disable integrations, while Salesloft has not yet updated its security guidance to reflect the new findings.

A company known for selling spyware to monitor sex offenders has reportedly suffered a data breach, exposing sensitive information. The hack raises concerns about the security measures in place for companies dealing with sensitive data related to criminal monitoring.

A hard-coded API key was discovered in an AI note-taking app, leading to the exposure of users' private meeting transcripts. This vulnerability raises significant concerns about data security and user privacy within the application. Immediate actions are needed to address and rectify such security flaws to protect user information.

Plex has notified its users to change their passwords following a recent data breach that may have compromised user account information. The company is taking steps to enhance security and protect user data in light of the incident.

A significant data breach at Lotte Card has exposed personal information of over 1 million users, with estimates suggesting the leak could impact several million. The Financial Supervisory Service's investigation revealed the breach was much larger than the initially reported 1.7 GB. Lotte Card is set to apologize and announce response measures on the 18th.

The article discusses the exposure of confidential informants within the Louisiana Sheriff's Office following a significant hack. Sensitive information was leaked, raising concerns about the safety and privacy of those involved in law enforcement operations. The breach highlights vulnerabilities in law enforcement data security and its potential consequences.

Northwest Radiologists has experienced a significant data breach affecting approximately 350,000 patients in Washington. The breach, which involves sensitive personal information, highlights ongoing concerns about data security in the healthcare sector. Affected individuals are being notified and offered assistance to mitigate potential risks.

Hackers have leaked personal data of approximately 86 million AT&T customers, including names, addresses, and decrypted Social Security numbers. The breach has raised significant concerns about data security and the implications for affected individuals. AT&T has not confirmed the authenticity of the leaked data but is investigating the incident.

Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, potentially transforming internet privacy by keeping user data encrypted at all times. Despite current limitations in speed and efficiency, rapid advancements suggest FHE could soon support secure cloud computing and confidential transactions, shifting the paradigm from data harvesting to user privacy.

Coinbase has reported a data breach that affects at least 69,000 customers, potentially exposing sensitive information. The company is investigating the incident and has advised affected users to secure their accounts and monitor for suspicious activity.

Conduent, a major American business services and government contractor, confirmed that client data was stolen during a cyberattack in January 2025. The breach involved personal information of individuals associated with the company's clients, though there are currently no indications that the data has been made public. Conduent is assessing the impact of the breach and informing clients as necessary.

UAP has confirmed a ransomware attack that compromised personal data and email correspondence of its users. The breach raises concerns over data security and the potential misuse of sensitive information. UAP is currently investigating the incident and taking measures to enhance security protocols.

A significant data breach at Mango has exposed sensitive customer information, raising concerns about privacy and security. Investigations are ongoing to determine the full extent of the breach and its implications for affected users. Customers are advised to take precautions to safeguard their personal data in the wake of this incident.

A security vulnerability in Verizon's Call Filter app allowed unauthorized access to incoming call logs of other users through an unsecured API request. Discovered by researcher Evan Connelly, the flaw was addressed by Verizon in March 2025, but the exposure duration remains unknown, raising concerns about the handling of sensitive user data.

Education giant Pearson was hit by a cyberattack that allowed threat actors to steal customer and corporate data, primarily consisting of "legacy data." The breach was facilitated by an exposed GitLab Personal Access Token, which gave attackers access to internal systems and cloud services, resulting in significant data theft affecting millions of individuals. Pearson has confirmed the incident and is enhancing their security measures but has not disclosed details about the ransom or the extent of customer impact.

Harrods has been contacted by hackers after a data breach compromised the records of 430,000 customers, though the stolen information does not include passwords or payment details. The company has assured customers that the breach involved only basic personal data and is cooperating with authorities. This incident is part of a larger trend of cyber-attacks affecting major UK businesses in recent months.

Marks & Spencer has confirmed that personal data of its customers was compromised during a recent hacking incident. The breach has raised concerns about the safety of customer information and the company's security measures.

Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.

Paraguay experienced a significant data breach, resulting in the leak of records belonging to approximately 7.4 million citizens on the dark web. This incident raises concerns about personal data security and the potential implications for those affected. Authorities are investigating the breach to determine its cause and prevent future incidents.

CI/CD servers are vulnerable to attacks that can compromise source code and sensitive data, making their security critical. The article outlines essential steps to enhance the security of CI/CD servers and highlights the risks associated with security breaches. By prioritizing security measures, organizations can protect themselves from potential data breaches and attacks.

The State Bar of Texas has reported a data breach after the INC ransomware gang claimed responsibility and leaked samples of stolen data. The breach occurred between January 28 and February 9, 2025, but was only discovered on February 12, leading to notifications sent to affected members and the offer of credit monitoring services.

PagerDuty has reported a security incident involving a breach of its Salesforce data due to a vulnerability in Salesloft's Drift application. The breach exposed customer support information, including names and contact details, although no PagerDuty credentials were compromised. The company is actively investigating the matter and has taken steps to mitigate the risks, including disabling the integration with Drift and advising customers to rotate their API keys.

Brosix and Chatox, two messaging platforms, failed to uphold their promises of secure communication, exposing users' chats to potential breaches. This raises concerns about the reliability of privacy assurances from messaging services.

Manpower confirmed that a ransomware attack on its Lansing franchise resulted in the theft of personal information from 144,189 individuals. The breach, attributed to the RansomHub extortion group, involved unauthorized access to sensitive data, prompting the company to offer affected individuals credit monitoring services. ManpowerGroup maintains that its corporate systems were not compromised and is supporting the franchise in its response to the incident.

AT&T has reached a settlement regarding data breaches that occurred between 2019 and 2024, which affected customer data and privacy. The agreement addresses compensation for affected individuals and outlines measures to enhance data security moving forward.

Doctors Imaging Group experienced a significant data breach impacting approximately 171,000 individuals. The breach involved unauthorized access to sensitive patient information, prompting an investigation and notifications to affected individuals. Security measures are being reassessed to prevent future incidents.

Hackers compromised a third-party customer service provider for Discord, stealing partial payment information and personally identifiable data from a limited number of users. The breach, which occurred on September 20, involved unauthorized access to sensitive user data, including government IDs, names, and billing information, and hackers demanded a ransom to avoid leaking the stolen information. Discord has since taken steps to secure its systems and is investigating the incident.

Security researchers discovered that a weak password used by Paradox.ai allowed access to sensitive personal information of millions of job applicants for McDonald's, exposing 64 million records. Additionally, a malware infection on a Paradox developer's device compromised various internal and third-party credentials, raising concerns about the company's security practices despite previous audits.

A security vulnerability in the Verizon Call Filter iOS app allowed unauthorized access to the call history of any Verizon customer by manipulating network requests, raising significant privacy and safety concerns for vulnerable individuals. The flaw was reported and promptly fixed by Verizon, highlighting the importance of securing sensitive user data in telecommunications.

A researcher identified vulnerabilities in internal Intel websites that exposed the personal information of 270,000 employees, including names, email addresses, and phone numbers. Although Intel promptly patched these issues, the researcher noted that sensitive data such as Social Security numbers were not compromised. Intel claims there was no data breach or unauthorized access.

Kelly Benefits has reported a data breach affecting over 550,000 customers, where unauthorized access to its IT systems occurred between December 12-17, 2024. The compromised information includes personal details such as names, Social Security numbers, and health insurance data, prompting the company to offer credit monitoring services to affected individuals.

Qantas has announced a 15% reduction in executive bonuses following a data breach that occurred in July. The decision reflects the company's commitment to accountability and addressing the repercussions of the incident on its customers and stakeholders.

Chess.com reported a data breach involving unauthorized access to a third-party file transfer application, affecting over 4,500 users' personally identifiable information. The platform has emphasized that its own infrastructure remains secure and no financial data was compromised, while offering impacted users identity theft protection services. Previous incidents include a massive scraping of user data due to an API flaw in November 2023.

A security incident at a startup revealed vulnerabilities in their admin panel due to weak password usage and inadequate access controls, allowing an attacker to exfiltrate sensitive customer data. The experience highlighted the importance of robust authorization systems and the significant fallout that can occur from neglecting security measures. The aftermath involved extensive remediation efforts and a reevaluation of the company's security posture.

Vodafone GmbH has been fined €45 million ($51.4 million) by Germany's data protection authority for privacy and security violations, including fraud committed by employees of partner agencies and vulnerabilities in its authentication systems. The company has since revamped its processes, severed ties with fraudulent partners, and cooperated fully with the investigation. Vodafone has also donated to organizations focused on data protection and media literacy.

Claims regarding a major security warning in Gmail are unfounded, as Google's protections are robust and effective. The article emphasizes the strength of Gmail's security measures, countering rumors and misinformation about potential vulnerabilities.

A significant data breach at the Australian Human Rights Commission has resulted in the exposure of personal information, raising concerns about data security and privacy. The incident highlights vulnerabilities in handling sensitive information and the potential risks to individuals affected by the breach.

The article discusses essential steps to take after experiencing a data breach, emphasizing the importance of immediate action to mitigate damage. It outlines strategies for protecting sensitive information and restoring trust with customers by implementing strong security measures and communication plans.

Hertz has confirmed that a data breach has resulted in the theft of customers' personal data, including drivers' licenses. The company is currently investigating the incident and working to notify affected individuals. This breach raises concerns about data security within the car rental industry.

Renault UK has confirmed that it experienced a significant data breach affecting customer data, which has been shared with unauthorized third parties. The breach has raised concerns regarding the security measures in place to protect sensitive information, prompting an investigation into the incident. Customers are advised to monitor their accounts for any unusual activity as a precaution.

Bouygues Telecom has suffered a significant cyberattack, compromising the personal data of approximately 6.4 million customers. The breach involved unauthorized access to sensitive information, prompting the company to notify affected individuals and take steps to secure their systems.