Data Breach

ShinyHunters compromised SaaS analytics provider Anodot, using stolen authentication tokens to access and exfiltrate data from dozens of Snowflake customers.

World Leaks gang dumps 7TB of sensitive police data including personnel files and Internal Affairs investigations after breaching LA City Attorney's Office.

Attackers stole 50.9 BTC from company wallets after obtaining settlement account credentials. Second security incident for the crypto ATM operator since 2023.

Telehealth company Hims & Hers reveals data breach affecting customer support tickets. ShinyHunters gang exploited Okta SSO to access Zendesk platform.

Toy giant Hasbro filed an SEC 8-K disclosing unauthorized network access discovered March 28. Systems remain offline with recovery expected to take weeks.

Intesa Sanpaolo hit with $36 million GDPR fine after a single employee accessed 3,573 customer accounts undetected for over two years, including politicians.

API defect in Lloyds, Halifax, and Bank of Scotland apps let users view strangers' transactions including account numbers and NI numbers. Bank paying compensation.

Hackers compromised the European Commission's Amazon cloud infrastructure, claiming to steal 350GB of data including employee databases. Investigation ongoing.

An API vulnerability in AFC Ajax systems let attackers access fan data and transfer 42,000+ season tickets. Club patched after journalists demonstrated the flaw.

Hackers infected a contractor's device to steal Okta credentials, then pivoted to Crunchyroll's Zendesk. Support ticket data for 6.8 million subscribers extracted.

Workplace benefits administrator Navia discloses data breach affecting 2.7 million individuals. Social Security numbers, health plan data, and personal information stolen during December-January intrusion.

Turkish restaurant chain Baydöner confirms breach affecting 3.7 million customers. Data includes 622,000 plaintext passwords and 42,000 national IDs now circulating on forums.

Infutor data breach reportedly exposes 676 million consumer records including Social Security numbers. Misconfigured Elasticsearch database blamed for the exposure.

Canadian BPO giant confirms breach after ShinyHunters claims massive data theft including call recordings, source code, and FBI background checks. Ransom ignored.

British government registry's WebFiling vulnerability let logged-in users access other companies' dashboards since October 2025. Unauthorized filings were possible.

Threat group ShinyHunters exploits misconfigured Salesforce Experience Cloud sites, stealing data from 100+ organizations including 921K records from Aura.com.

Attackers compromised 889 Starbucks Partner Central accounts using fake login portals, exposing employee names, Social Security numbers, and bank details.

Cognizant subsidiary TriZetto Provider Solutions confirms breach affecting 3.4 million patients. SSNs, Medicare IDs, and health data exposed after attackers went undetected for nearly a year.

Anubis gang claims 170GB of data including passport scans and client agreements from AkzoNobel's US operations. Company says breach contained.

Attacker leverages infostealer-compromised credentials to extort restaurant POS provider HungerRush, sending threatening emails directly to customers demanding response.

FulcrumSec threat actor exploits React2Shell vulnerability to breach LexisNexis AWS infrastructure, leaking 2GB of customer data including .gov email addresses and federal employee records.

A coding error in PayPal Working Capital exposed customer SSNs and business data since July 2025. Unauthorized transactions detected on some affected accounts.

ShinyHunters claims 800,000+ Wynn Resorts employee records including SSNs, salaries, and personal details. Group demands 22 Bitcoin by February 23, exploited Oracle PeopleSoft.

VIQ Solutions confirms sensitive Australian court data including domestic violence and national security cases accessed by unauthorized Indian subcontractor e24 Technologies.

Attacker impersonating civil servant accessed French FICOBA registry containing 300M+ bank account records. 1.2 million accounts compromised in late January attack.

WormGPT database allegedly leaked on dark web forums, exposing emails, payment data, and subscription details of cybercriminals using the service.

Wiz researchers found Moltbook's Supabase database exposed without authentication, leaking 1.5M API tokens, private messages, and plaintext OpenAI keys.

Odido confirms cyberattack exposed names, IBANs, passport numbers, and personal data of 6.2 million Dutch customers. Services remain operational.

Enriched AT&T breach dataset with 148M Social Security numbers and 133M addresses is circulating privately, creating fresh identity theft and SIM-swap risks.

Flickr discloses a data breach through a third-party email provider vulnerability that exposed names, emails, and IP addresses for up to 35 million users.

Substack's October 2025 breach went undetected for four months. 700,000 users' email addresses and phone numbers were accessed by an unauthorized third party.

The January 2025 ransomware attack on govtech giant Conduent keeps growing—15.4M in Texas, 10.5M in Oregon, with more states still counting.

Russian-linked gang dumps executive emails, employee IDs, and banking communications in first airline sector attack of 2026.

Match Group confirms breach after ShinyHunters dumps 1.7GB of user data. Attackers used voice phishing to compromise an Okta SSO account.

SafePay ransomware group allegedly stole 3.5TB from the $48B IT distributor. Employee SSNs, passports, and performance reviews exposed.

A backup misconfiguration led to the exposure of nearly 324,000 user records from the notorious hacking forum, including usernames, hashed passwords, and IP addresses.

Australian government schools confirm hackers accessed student names, emails, and encrypted passwords. VCE students prioritized for credential resets before school year.

Food delivery giant confirms hackers stole data and are now extorting the company. Attack traced to credentials stolen in August 2025 Salesloft breach.

Russia-linked ransomware group posts samples allegedly from Nissan's internal systems including dealership records and financial documents.

Attackers claim 98 million records from the car rental insurance provider. Stolen data includes license photos, policy documents, and personal details.

Scraped data from 2024 API misconfiguration resurfaces on dark web. Attackers weaponize leaked emails to flood users with legitimate password reset requests.

A threat actor shared Instagram user data including emails and phone numbers for free. Users report receiving suspicious password reset emails within hours of the leak.

Pickett USA breach exposes LiDAR scans, transmission line surveys, and substation layouts for Tampa Electric, Duke Energy Florida, and American Electric Power. Asking price: 6.5 BTC.

Consumer credit provider 700Credit suffers massive data breach affecting auto loan applicants nationwide, with millions of Social Security numbers potentially compromised through dealership credit checks.

Threat actor '1011' posted alleged data from the semiconductor equipment giant to a Russian cybercrime forum. Security researchers are verifying the files.