Click any tag below to further narrow down your results
Links
Flickr informed users of a data breach linked to a third-party email service that may have exposed personal information, including names, email addresses, and user activity. The company has shut down the affected system and is reviewing its security practices while advising users to check their account settings. No passwords or financial data were compromised.
Spain's Ministry of Science has partially shut down its IT systems following a cyberattack claim by a hacker group. The breach reportedly involved sensitive data, and the ministry is currently assessing the situation while suspending administrative procedures.
The French Soccer Federation suffered a cyberattack that compromised member data, including names and contact information. The breach was traced to a compromised account, which has since been disabled and secured. The federation has filed a complaint regarding the incident.
The Apache Software Foundation rejected the Akira ransomware gang's assertion that they stole 23 GB of data from OpenOffice, including sensitive employee and financial information. Apache insists it does not have the data claimed and found no evidence of a breach.
Substack has informed some users that their email addresses and phone numbers were compromised in a security breach last October. The company detected the issue on February 3rd and claims no financial information was accessed. Users are advised to be cautious of suspicious communications.
Moltbook, a social network for AI agents, suffered a major security breach due to a misconfigured Supabase database, exposing 1.5 million API keys and personal data of 17,000 human users. The incident highlights risks in quickly developed applications without adequate security measures.
The article recounts a personal experience with a sophisticated phishing scam targeting a Coinbase user. The author details how scammers used stolen personal information to manipulate them into revealing more data and discusses Coinbase's inadequate response to the breach.
Localmind's software, used by over 150 organizations, suffered a serious data breach due to a flaw allowing demo accounts full root access. The compromised data includes sensitive information from banks, hotels, and energy companies, with passwords stored in plain text. A security researcher uncovered these vulnerabilities and the extent of the breach.
Instagram recently addressed a problem where users received unsolicited password reset emails triggered by an external party. The company insists there was no breach, despite reports of personal data from millions of accounts being available on the dark web.
OpenAI's analytics partner Mixpanel suffered a data breach, exposing customer profile information from OpenAI API accounts. The breach occurred due to a smishing attack, and while OpenAI claims its systems were not compromised, affected customers have been notified and advised to stay vigilant against phishing attempts.
Researchers found a significant security flaw in WhatsApp that allowed hackers to easily access phone numbers and some profile information for all 3.5 billion users. Despite being warned about the issue since 2017, Meta only implemented a fix in October 2023. Users are urged to review their privacy settings to protect their information.
Coupang's CEO, Park Dae-jun, resigned following a data breach that exposed 33.7 million customer accounts. The company is facing a class-action lawsuit in the U.S. and has come under scrutiny from South Korean authorities for its security practices.
Iberia has informed customers about a data breach involving a third-party vendor, exposing names, email addresses, and loyalty card IDs. While no login credentials or financial information were compromised, the airline is monitoring for suspicious activity and has strengthened account protections.
Gulshan Management Services confirmed a data breach affecting over 377,000 individuals, exposing sensitive information like Social Security numbers and financial details. The breach, discovered on September 27, 2025, went undetected for days, and notifications to affected individuals were delayed until January 2026. Multiple class action lawsuits are now targeting the company for inadequate security measures.
Ledger customers are at risk after a data breach at Global-e, a third-party payment processor. Though no financial information was compromised, personal details like names and contact information were exposed. Ledger advises users to stay vigilant against potential phishing attempts.
Tokyo FM Broadcasting Co. was hacked on January 1, 2026, with a group claiming to have stolen over 3 million records. The stolen data includes names, birthdays, email addresses, IP addresses, and internal login IDs, raising significant security concerns for listeners and employees. Verification of the claims is still pending.
Nikkei reported a data breach affecting over 17,000 employees and partners after malware compromised its Slack platform. The stolen information includes names, email addresses, and chat histories, but the company asserts that sensitive journalistic data remains secure.
The UK ICO fined LastPass £1.2 million after a 2022 breach exposed personal data of 1.6 million users. The breach resulted from a series of security failures, including a compromised employee device and weak password practices, allowing attackers to access sensitive customer information.
The FBI has shared 630 million passwords with Troy Hunt to help organizations block potential account takeovers. This data, some of which is newly identified, adds to the existing database and enhances security measures against cybercrime. Hunt emphasizes the importance of using this information to protect accounts effectively.
Pornhub has alerted Premium members about potential sextortion emails following a data breach at a third-party analytics provider. While no passwords or payment info were leaked, users should be vigilant for blackmail attempts and follow safety guidelines if they receive suspicious emails.
Petco reported a data breach that compromised customer personal information due to a software application error. The company is offering free credit monitoring to affected individuals but hasn't disclosed how many customers were impacted or what specific data was exposed.
OpenAI confirmed a data breach involving Mixpanel, exposing limited user metadata like names and email addresses, but not passwords or payment info. The breach resulted from a compromise of Mixpanel, not OpenAI's systems. Affected users have been notified, and OpenAI has removed Mixpanel from its services.
The U.S. Congressional Budget Office confirmed a cyberattack by a suspected foreign hacker, potentially exposing sensitive data. The agency has taken steps to contain the breach and is investigating while continuing to operate despite some congressional offices halting communications.
OpenAI has cut ties with Mixpanel following a data breach that exposed user profile information linked to its API. While typical ChatGPT users are not affected, OpenAI is notifying impacted API users and reviewing security measures across its vendors. The breach involved names, emails, and location data, raising concerns about potential phishing attempts.
Pandora has confirmed a cyber attack that compromised customer data through a third-party vendor. The breach has raised significant security concerns as sensitive information may have been exposed, prompting the company to investigate the extent of the incident and reinforce its data protection measures.
WestJet is investigating a cyberattack that disrupted access to its internal systems and app, affecting user logins. The airline has activated specialized teams in collaboration with law enforcement to address the breach while ensuring safety and protecting sensitive data. Although some services have been restored, it remains unclear whether the incident was a ransomware attack or a precautionary shutdown of systems.
Wealthsimple, a Canadian financial services firm, has reported a data breach affecting the personal data of less than 1% of its customers. The company confirmed that no funds or passwords were compromised, and it is offering affected users two years of complimentary credit monitoring and security advice. The breach was linked to a third-party software package and is not related to ongoing Salesforce data theft incidents.
Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.
A critical vulnerability has been discovered in Salesforce's AgentForce, which could potentially allow unauthorized access to sensitive data. This flaw poses significant risks, prompting immediate attention and action from Salesforce to secure their systems and protect user information.
Google has warned users of the Salesloft Drift AI chat agent that their security tokens may be compromised following a breach that allowed attackers to access Google Workspace accounts. The situation is more extensive than initially reported, prompting Google to revoke affected tokens and disable integrations, while Salesloft has not yet updated its security guidance to reflect the new findings.
A company known for selling spyware to monitor sex offenders has reportedly suffered a data breach, exposing sensitive information. The hack raises concerns about the security measures in place for companies dealing with sensitive data related to criminal monitoring.
A hard-coded API key was discovered in an AI note-taking app, leading to the exposure of users' private meeting transcripts. This vulnerability raises significant concerns about data security and user privacy within the application. Immediate actions are needed to address and rectify such security flaws to protect user information.
Plex has notified its users to change their passwords following a recent data breach that may have compromised user account information. The company is taking steps to enhance security and protect user data in light of the incident.
Northwest Radiologists has experienced a significant data breach affecting approximately 350,000 patients in Washington. The breach, which involves sensitive personal information, highlights ongoing concerns about data security in the healthcare sector. Affected individuals are being notified and offered assistance to mitigate potential risks.
A significant data breach at Lotte Card has exposed personal information of over 1 million users, with estimates suggesting the leak could impact several million. The Financial Supervisory Service's investigation revealed the breach was much larger than the initially reported 1.7 GB. Lotte Card is set to apologize and announce response measures on the 18th.
The article discusses the exposure of confidential informants within the Louisiana Sheriff's Office following a significant hack. Sensitive information was leaked, raising concerns about the safety and privacy of those involved in law enforcement operations. The breach highlights vulnerabilities in law enforcement data security and its potential consequences.
Hackers have leaked personal data of approximately 86 million AT&T customers, including names, addresses, and decrypted Social Security numbers. The breach has raised significant concerns about data security and the implications for affected individuals. AT&T has not confirmed the authenticity of the leaked data but is investigating the incident.
Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, potentially transforming internet privacy by keeping user data encrypted at all times. Despite current limitations in speed and efficiency, rapid advancements suggest FHE could soon support secure cloud computing and confidential transactions, shifting the paradigm from data harvesting to user privacy.
Coinbase has reported a data breach that affects at least 69,000 customers, potentially exposing sensitive information. The company is investigating the incident and has advised affected users to secure their accounts and monitor for suspicious activity.
Conduent, a major American business services and government contractor, confirmed that client data was stolen during a cyberattack in January 2025. The breach involved personal information of individuals associated with the company's clients, though there are currently no indications that the data has been made public. Conduent is assessing the impact of the breach and informing clients as necessary.
UAP has confirmed a ransomware attack that compromised personal data and email correspondence of its users. The breach raises concerns over data security and the potential misuse of sensitive information. UAP is currently investigating the incident and taking measures to enhance security protocols.
Education giant Pearson was hit by a cyberattack that allowed threat actors to steal customer and corporate data, primarily consisting of "legacy data." The breach was facilitated by an exposed GitLab Personal Access Token, which gave attackers access to internal systems and cloud services, resulting in significant data theft affecting millions of individuals. Pearson has confirmed the incident and is enhancing their security measures but has not disclosed details about the ransom or the extent of customer impact.
A security vulnerability in Verizon's Call Filter app allowed unauthorized access to incoming call logs of other users through an unsecured API request. Discovered by researcher Evan Connelly, the flaw was addressed by Verizon in March 2025, but the exposure duration remains unknown, raising concerns about the handling of sensitive user data.
A significant data breach at Mango has exposed sensitive customer information, raising concerns about privacy and security. Investigations are ongoing to determine the full extent of the breach and its implications for affected users. Customers are advised to take precautions to safeguard their personal data in the wake of this incident.
Marks & Spencer has confirmed that personal data of its customers was compromised during a recent hacking incident. The breach has raised concerns about the safety of customer information and the company's security measures.
Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.
Harrods has been contacted by hackers after a data breach compromised the records of 430,000 customers, though the stolen information does not include passwords or payment details. The company has assured customers that the breach involved only basic personal data and is cooperating with authorities. This incident is part of a larger trend of cyber-attacks affecting major UK businesses in recent months.
Paraguay experienced a significant data breach, resulting in the leak of records belonging to approximately 7.4 million citizens on the dark web. This incident raises concerns about personal data security and the potential implications for those affected. Authorities are investigating the breach to determine its cause and prevent future incidents.
CI/CD servers are vulnerable to attacks that can compromise source code and sensitive data, making their security critical. The article outlines essential steps to enhance the security of CI/CD servers and highlights the risks associated with security breaches. By prioritizing security measures, organizations can protect themselves from potential data breaches and attacks.
Brosix and Chatox, two messaging platforms, failed to uphold their promises of secure communication, exposing users' chats to potential breaches. This raises concerns about the reliability of privacy assurances from messaging services.
Doctors Imaging Group experienced a significant data breach impacting approximately 171,000 individuals. The breach involved unauthorized access to sensitive patient information, prompting an investigation and notifications to affected individuals. Security measures are being reassessed to prevent future incidents.
AT&T has reached a settlement regarding data breaches that occurred between 2019 and 2024, which affected customer data and privacy. The agreement addresses compensation for affected individuals and outlines measures to enhance data security moving forward.
Manpower confirmed that a ransomware attack on its Lansing franchise resulted in the theft of personal information from 144,189 individuals. The breach, attributed to the RansomHub extortion group, involved unauthorized access to sensitive data, prompting the company to offer affected individuals credit monitoring services. ManpowerGroup maintains that its corporate systems were not compromised and is supporting the franchise in its response to the incident.
PagerDuty has reported a security incident involving a breach of its Salesforce data due to a vulnerability in Salesloft's Drift application. The breach exposed customer support information, including names and contact details, although no PagerDuty credentials were compromised. The company is actively investigating the matter and has taken steps to mitigate the risks, including disabling the integration with Drift and advising customers to rotate their API keys.
The State Bar of Texas has reported a data breach after the INC ransomware gang claimed responsibility and leaked samples of stolen data. The breach occurred between January 28 and February 9, 2025, but was only discovered on February 12, leading to notifications sent to affected members and the offer of credit monitoring services.
Security researchers discovered that a weak password used by Paradox.ai allowed access to sensitive personal information of millions of job applicants for McDonald's, exposing 64 million records. Additionally, a malware infection on a Paradox developer's device compromised various internal and third-party credentials, raising concerns about the company's security practices despite previous audits.
A security vulnerability in the Verizon Call Filter iOS app allowed unauthorized access to the call history of any Verizon customer by manipulating network requests, raising significant privacy and safety concerns for vulnerable individuals. The flaw was reported and promptly fixed by Verizon, highlighting the importance of securing sensitive user data in telecommunications.
A researcher identified vulnerabilities in internal Intel websites that exposed the personal information of 270,000 employees, including names, email addresses, and phone numbers. Although Intel promptly patched these issues, the researcher noted that sensitive data such as Social Security numbers were not compromised. Intel claims there was no data breach or unauthorized access.
Hackers compromised a third-party customer service provider for Discord, stealing partial payment information and personally identifiable data from a limited number of users. The breach, which occurred on September 20, involved unauthorized access to sensitive user data, including government IDs, names, and billing information, and hackers demanded a ransom to avoid leaking the stolen information. Discord has since taken steps to secure its systems and is investigating the incident.
Kelly Benefits has reported a data breach affecting over 550,000 customers, where unauthorized access to its IT systems occurred between December 12-17, 2024. The compromised information includes personal details such as names, Social Security numbers, and health insurance data, prompting the company to offer credit monitoring services to affected individuals.
Qantas has announced a 15% reduction in executive bonuses following a data breach that occurred in July. The decision reflects the company's commitment to accountability and addressing the repercussions of the incident on its customers and stakeholders.
Chess.com reported a data breach involving unauthorized access to a third-party file transfer application, affecting over 4,500 users' personally identifiable information. The platform has emphasized that its own infrastructure remains secure and no financial data was compromised, while offering impacted users identity theft protection services. Previous incidents include a massive scraping of user data due to an API flaw in November 2023.
A security incident at a startup revealed vulnerabilities in their admin panel due to weak password usage and inadequate access controls, allowing an attacker to exfiltrate sensitive customer data. The experience highlighted the importance of robust authorization systems and the significant fallout that can occur from neglecting security measures. The aftermath involved extensive remediation efforts and a reevaluation of the company's security posture.
Vodafone GmbH has been fined €45 million ($51.4 million) by Germany's data protection authority for privacy and security violations, including fraud committed by employees of partner agencies and vulnerabilities in its authentication systems. The company has since revamped its processes, severed ties with fraudulent partners, and cooperated fully with the investigation. Vodafone has also donated to organizations focused on data protection and media literacy.
Claims regarding a major security warning in Gmail are unfounded, as Google's protections are robust and effective. The article emphasizes the strength of Gmail's security measures, countering rumors and misinformation about potential vulnerabilities.
A significant data breach at the Australian Human Rights Commission has resulted in the exposure of personal information, raising concerns about data security and privacy. The incident highlights vulnerabilities in handling sensitive information and the potential risks to individuals affected by the breach.
The article discusses essential steps to take after experiencing a data breach, emphasizing the importance of immediate action to mitigate damage. It outlines strategies for protecting sensitive information and restoring trust with customers by implementing strong security measures and communication plans.
Hertz has confirmed that a data breach has resulted in the theft of customers' personal data, including drivers' licenses. The company is currently investigating the incident and working to notify affected individuals. This breach raises concerns about data security within the car rental industry.
Renault UK has confirmed that it experienced a significant data breach affecting customer data, which has been shared with unauthorized third parties. The breach has raised concerns regarding the security measures in place to protect sensitive information, prompting an investigation into the incident. Customers are advised to monitor their accounts for any unusual activity as a precaution.
Bouygues Telecom has suffered a significant cyberattack, compromising the personal data of approximately 6.4 million customers. The breach involved unauthorized access to sensitive information, prompting the company to notify affected individuals and take steps to secure their systems.