Data Breaches

World Leaks gang dumps 7TB of sensitive police data including personnel files and Internal Affairs investigations after breaching LA City Attorney's Office.

Attackers stole 50.9 BTC from company wallets after obtaining settlement account credentials. Second security incident for the crypto ATM operator since 2023.

Telehealth company Hims & Hers reveals data breach affecting customer support tickets. ShinyHunters gang exploited Okta SSO to access Zendesk platform.

Solana's Drift Protocol lost $285 million in 2026's largest DeFi hack. TRM Labs attributes the attack to North Korean actors who exploited oracle manipulation and pre-signed transactions.

Die Linke confirms Qilin stole internal data and employee info from party headquarters. Officials suggest attack may be politically motivated hybrid warfare.

Toy giant Hasbro filed an SEC 8-K disclosing unauthorized network access discovered March 28. Systems remain offline with recovery expected to take weeks.

Intesa Sanpaolo hit with $36 million GDPR fine after a single employee accessed 3,573 customer accounts undetected for over two years, including politicians.

API defect in Lloyds, Halifax, and Bank of Scotland apps let users view strangers' transactions including account numbers and NI numbers. Bank paying compensation.

Hackers compromised the European Commission's Amazon cloud infrastructure, claiming to steal 350GB of data including employee databases. Investigation ongoing.

An API vulnerability in AFC Ajax systems let attackers access fan data and transfer 42,000+ season tickets. Club patched after journalists demonstrated the flaw.

K-12 student information system provider Infinite Campus discloses breach affecting school staff data. ShinyHunters issued March 25 ransom deadline after claiming to steal Salesforce records.

Hackers infected a contractor's device to steal Okta credentials, then pivoted to Crunchyroll's Zendesk. Support ticket data for 6.8 million subscribers extracted.

Workplace benefits administrator Navia discloses data breach affecting 2.7 million individuals. Social Security numbers, health plan data, and personal information stolen during December-January intrusion.

Turkish restaurant chain Baydöner confirms breach affecting 3.7 million customers. Data includes 622,000 plaintext passwords and 42,000 national IDs now circulating on forums.

Infutor data breach reportedly exposes 676 million consumer records including Social Security numbers. Misconfigured Elasticsearch database blamed for the exposure.

Canadian BPO giant confirms breach after ShinyHunters claims massive data theft including call recordings, source code, and FBI background checks. Ransom ignored.

British government registry's WebFiling vulnerability let logged-in users access other companies' dashboards since October 2025. Unauthorized filings were possible.

Threat group ShinyHunters exploits misconfigured Salesforce Experience Cloud sites, stealing data from 100+ organizations including 921K records from Aura.com.

Attackers compromised 889 Starbucks Partner Central accounts using fake login portals, exposing employee names, Social Security numbers, and bank details.

Iranian-linked hacktivists claim devastating attack on medical device maker Stryker, weaponizing Intune's remote wipe capability to erase systems in 79 countries.

Ericsson's U.S. subsidiary confirms data theft affecting employees and customers after attackers compromised a service provider. SSNs, medical info, and financial details exposed.

Cognizant subsidiary TriZetto Provider Solutions confirms breach affecting 3.4 million patients. SSNs, Medicare IDs, and health data exposed after attackers went undetected for nearly a year.

Anubis gang claims 170GB of data including passport scans and client agreements from AkzoNobel's US operations. Company says breach contained.

Attacker leverages infostealer-compromised credentials to extort restaurant POS provider HungerRush, sending threatening emails directly to customers demanding response.

FulcrumSec threat actor exploits React2Shell vulnerability to breach LexisNexis AWS infrastructure, leaking 2GB of customer data including .gov email addresses and federal employee records.

A coding error in PayPal Working Capital exposed customer SSNs and business data since July 2025. Unauthorized transactions detected on some affected accounts.

Japanese semiconductor test equipment maker Advantest hit by ransomware on Feb 15. Investigation ongoing as company assesses potential data exposure.

ShinyHunters claims 800,000+ Wynn Resorts employee records including SSNs, salaries, and personal details. Group demands 22 Bitcoin by February 23, exploited Oracle PeopleSoft.

VIQ Solutions confirms sensitive Australian court data including domestic violence and national security cases accessed by unauthorized Indian subcontractor e24 Technologies.

Attacker impersonating civil servant accessed French FICOBA registry containing 300M+ bank account records. 1.2 million accounts compromised in late January attack.

University of Mississippi Medical Center shuts 35 clinics statewide after ransomware attack disables Epic EHR access. FBI investigating as doctors resort to pen and paper for patient care.

WormGPT database allegedly leaked on dark web forums, exposing emails, payment data, and subscription details of cybercriminals using the service.

Wiz researchers found Moltbook's Supabase database exposed without authentication, leaking 1.5M API tokens, private messages, and plaintext OpenAI keys.

Odido confirms cyberattack exposed names, IBANs, passport numbers, and personal data of 6.2 million Dutch customers. Services remain operational.

Enriched AT&T breach dataset with 148M Social Security numbers and 133M addresses is circulating privately, creating fresh identity theft and SIM-swap risks.

Flickr discloses a data breach through a third-party email provider vulnerability that exposed names, emails, and IP addresses for up to 35 million users.

Substack's October 2025 breach went undetected for four months. 700,000 users' email addresses and phone numbers were accessed by an unauthorized third party.

The January 2025 ransomware attack on govtech giant Conduent keeps growing—15.4M in Texas, 10.5M in Oregon, with more states still counting.

Match Group confirms breach after ShinyHunters dumps 1.7GB of user data. Attackers used voice phishing to compromise an Okta SSO account.

Flare researchers find a single threat actor wiping misconfigured MongoDB databases and demanding $500 Bitcoin ransoms. Nearly half of unauthenticated instances already compromised.

Federal jury convicts Linwei Ding on 14 counts of economic espionage and trade secret theft for stealing Google's AI infrastructure secrets for China.

Extortion group confirms voice phishing attacks stealing SSO credentials from Crunchbase, Betterment, and more. Custom phishing kits enable real-time MFA bypass.

Microsoft disrupts multi-stage attack combining adversary-in-the-middle phishing with BEC. Attackers abused SharePoint and inbox rules for persistence.

Fake maintenance emails urge users to backup their vaults before a deadline, redirecting victims to credential-harvesting sites. The campaign launched over MLK weekend.

SafePay ransomware group allegedly stole 3.5TB from the $48B IT distributor. Employee SSNs, passports, and performance reviews exposed.