PayPal Breach Exposed SSNs for Six Months Before Detection
A coding error in PayPal Working Capital exposed customer SSNs and business data since July 2025. Unauthorized transactions detected on some affected accounts.
Japanese semiconductor test equipment maker Advantest hit by ransomware on Feb 15. Investigation ongoing as company assesses potential data exposure.
ShinyHunters claims 800,000+ Wynn Resorts employee records including SSNs, salaries, and personal details. The group, which exploited Oracle PeopleSoft, demands 22 Bitcoin by February 23.
VIQ Solutions confirms sensitive Australian court data including domestic violence and national security cases accessed by unauthorized Indian subcontractor e24 Technologies.
Attacker impersonating civil servant accessed French FICOBA registry containing 300M+ bank account records. 1.2 million accounts compromised in late January attack.
University of Mississippi Medical Center shuts 35 clinics statewide after ransomware attack disables Epic EHR access. FBI investigating as doctors resort to pen and paper for patient care.
WormGPT database allegedly leaked on dark web forums, exposing emails, payment data, and subscription details of cybercriminals using the service.
Wiz researchers found Moltbook's Supabase database exposed without authentication, leaking 1.5M API tokens, private messages, and plaintext OpenAI keys.
Odido confirms cyberattack exposed names, IBANs, passport numbers, and personal data of 6.2 million Dutch customers. Services remain operational.
Enriched AT&T breach dataset with 148M Social Security numbers and 133M addresses is circulating privately, creating fresh identity theft and SIM-swap risks.
Flickr discloses a data breach through a third-party email provider vulnerability that exposed names, emails, and IP addresses for up to 35 million users.
Substack's October 2025 breach went undetected for four months. 700,000 users' email addresses and phone numbers were accessed by an unauthorized third party.
The January 2025 ransomware attack on govtech giant Conduent keeps growing—15.4M in Texas, 10.5M in Oregon, with more states still counting.
Match Group confirms breach after ShinyHunters dumps 1.7GB of user data. Attackers used voice phishing to compromise an Okta SSO account.
Flare researchers find a single threat actor wiping misconfigured MongoDB databases and demanding $500 Bitcoin ransoms. Nearly half of unauthenticated instances already compromised.
Federal jury convicts Linwei Ding on 14 counts of economic espionage and trade secret theft for stealing Google's AI infrastructure secrets for China.
Extortion group confirms voice phishing attacks stealing SSO credentials from Crunchbase, Betterment, and more. Custom phishing kits enable real-time MFA bypass.
Microsoft disrupts multi-stage attack combining adversary-in-the-middle phishing with BEC. Attackers abused SharePoint and inbox rules for persistence.
Fake maintenance emails urge users to back up their vaults before a deadline, redirecting victims to credential-harvesting sites. The campaign launched over MLK weekend.
SafePay ransomware group allegedly stole 3.5TB from the $48B IT distributor. Employee SSNs, passports, and performance reviews exposed.
A backup misconfiguration led to the exposure of nearly 324,000 user records from the notorious hacking forum, including usernames, hashed passwords, and IP addresses.
Australian government schools confirm hackers accessed student names, emails, and encrypted passwords. VCE students prioritized for credential resets before school year.
Food delivery giant confirms hackers stole data and are now extorting the company. Attack traced to credentials stolen in August 2025 Salesloft breach.
Russia-linked ransomware group posts samples allegedly from Nissan's internal systems including dealership records and financial documents.
Attackers claim 98 million records from the car rental insurance provider. Stolen data includes license photos, policy documents, and personal details.
Scraped data from 2024 API misconfiguration resurfaces on dark web. Attackers weaponize leaked emails to flood users with legitimate password reset requests.
A threat actor shared Instagram user data including emails and phone numbers for free. Users report receiving suspicious password reset emails within hours of the leak.
Pickett USA breach exposes LiDAR scans, transmission line surveys, and substation layouts for Tampa Electric, Duke Energy Florida, and American Electric Power. Asking price: 6.5 BTC.
Consumer credit provider 700Credit suffers massive data breach affecting auto loan applicants nationwide, with millions of Social Security numbers potentially compromised through dealership credit checks.
Threat actor '1011' posted alleged data from the semiconductor equipment giant to a Russian cybercrime forum. Security researchers are verifying the files.
System enhancement gone wrong allowed members to view other members' names, diagnoses, and medications. The insurer is offering affected individuals credit monitoring.
Russian ransomware group Clop claims responsibility for breach at Dartmouth College, posting stolen data on dark web and affecting more than 40,000 individuals including students, staff, and alumni.
Russian ransomware gang exploited CVE-2025-61882 to steal SSNs and financial data from the college. The same vulnerability hit Harvard, UPenn, and 100+ organizations.
US fiber broadband provider Brightspeed confirms investigation into cyberattack claims by emerging threat group Crimson Collective, which alleges exfiltration of over one million customer records.
Cryptocurrency hardware wallet maker Ledger confirms customer data exposed after third-party payment processor Global-e suffers cloud system breach.
Aurora College in Canada's Northwest Territories cancels all classes January 5-9 after cyber attack over Christmas break takes down servers, email, and e-learning systems.
New Year's Eve attack on Sedgwick Government Solutions compromises file transfer system serving DHS, CISA, and ICE. TridentLocker claims 3.4GB of stolen data.
After ASUS missed ransom deadline, Everest releases complete data trove including ROG source code, Qualcomm SDKs, and ArcSoft files on cybercrime forums.
Configuration error left addresses, case numbers, and demographic data publicly accessible on mapping website from January 2022 until September 2025.
ManageMyHealth confirms Kazu ransomware gang compromised Health Documents module, threatening to leak 108GB of medical records unless $60,000 ransom is paid.
Investigation reveals Qilin ransomware attack in May 2025 was far larger than initially reported. The gang has already leaked 850GB of stolen data.
Threat actor '888' claims 200GB of source code, API keys, and credentials from ESA's Bitbucket and JIRA servers. Agency says only unclassified scientific systems were affected.
Attackers accessed Chipotle employee Workday accounts between October 9-26, potentially exposing personal information stored in payroll systems.
Oltenia Energy Complex shut down IT systems on December 26 after a ransomware attack encrypted critical documents and disrupted ERP, email, and web operations.
Hackers exploited Oracle EBS vulnerability at catering subsidiary to steal employee data including bank account numbers. Second major Korean airline breach this week.
Database dump posted Christmas Day includes subscriber emails, names, and addresses. Attacker 'Lovely' claims access to broader Condé Nast data spanning multiple publications.
Attackers pushed malicious update v2.68 to Chrome Web Store using leaked API key. Hundreds affected as seed phrases harvested via embedded analytics library.
South Korea's largest e-commerce breach exposed personal data for two-thirds of the population. Former employee identified as perpetrator. National Assembly hearings scheduled.