#data-breach

[ follow ]
fromDataBreaches.Net
2 hours ago

Tiffany discloses data breach involving gift cards - second breach disclosure in recent months - DataBreaches.Net

Tiffany writes that they experienced a cybersecurity incident on or around May 12, 2025. "Based on our investigation, we determined on September 9, 2025, that, in connection with this issue, an unauthorized party obtained certain information related to your Tiffany gift card(s)," the letter states, adding, "The affected information included client name, postal address, email address, phone number, sales data, internal client reference number, and Tiffany gift card number and PIN."
Information security
#ransomware
fromTechCrunch
5 hours ago
Information security

VC firm Insight Partners says thousands of staff and limited partners had personal data stolen in a ransomware attack | TechCrunch

fromTechCrunch
5 hours ago
Information security

VC firm Insight Partners says thousands of staff and limited partners had personal data stolen in a ransomware attack | TechCrunch

#cyberattack
fromIT Pro
6 days ago
Information security

Jaguar Land Rover u-turns on cyber attack containment claims, admits 'some data has been affected'

Information security
fromDataBreaches.Net
1 week ago

MO: City of St. Joseph hit by cyberattack, data potentially acquired in breach - DataBreaches.Net

St. Joseph suffered a June cyberattack that disrupted network services, possibly exposing thousands of residents' data and prompting over $1 million in security upgrades.
Information security
fromTheregister
1 week ago

Knock-on effects of software dev break-in hit schools trust

A cyberattack on Intradev likely exposed sensitive personal and DBS-related information of Affinity Learning Partnership staff, potentially affecting hundreds of employees and thousands of students.
fromIT Pro
6 days ago
Information security

Jaguar Land Rover u-turns on cyber attack containment claims, admits 'some data has been affected'

#cybercrime
fromIT Pro
11 hours ago

Nearly 700,000 customers impacted after insider attack at US fintech firm

A US-based fintech firm has warned customers their data may have been exposed following an insider attack.
Information security
#cybersecurity
fromIT Pro
6 days ago
Information security

LNER warns customers to remain vigilant after personal data exposed in cyber attack

fromNextgov.com
3 weeks ago
US politics

Wyden calls for review of US court systems' cyber posture after case system hack

U.S. federal courts' outdated cybersecurity and lack of mandatory standards allowed a breach exposing sensitive legal records and informant identities, posing national security risks.
fromTechzine Global
4 weeks ago
Information security

Orange Belgium reports cyberattack: 850,000 accounts compromised

850,000 Orange Belgium customer accounts were accessed in a late-July cyberattack, exposing personal and technical data but not passwords or financial information.
fromIT Pro
6 days ago
Information security

LNER warns customers to remain vigilant after personal data exposed in cyber attack

fromIT Pro
1 day ago

Hackers behind Jaguar Land Rover announce their 'retirement' - should we believe them?

The Scattered Lapsus$ Hunters hacking group, recently linked to the attack on Jaguar Land Rover that has devastated the company, has announced that it plans to shut down.
Information security
#kering
fromTechCrunch
1 day ago
Information security

Company that owns Gucci, Balenciaga, other brands confirms hack | TechCrunch

fromDataBreaches.Net
5 days ago
Information security

Exclusive: High-end fashion retailers Gucci, Balenciaga, Brioni, and Alexander McQueen hit by Salesforce attacks - DataBreaches.Net

fromTechCrunch
1 day ago
Information security

Company that owns Gucci, Balenciaga, other brands confirms hack | TechCrunch

fromDataBreaches.Net
5 days ago
Information security

Exclusive: High-end fashion retailers Gucci, Balenciaga, Brioni, and Alexander McQueen hit by Salesforce attacks - DataBreaches.Net

#insider-threat
fromwww.bbc.com
2 days ago

Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers

Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack. The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world. Kering, the parent company of the luxury brands, has confirmed the breach and says it disclosed the incident to the relevant data protection authorities.
Information security
Information security
fromSecurityWeek
2 days ago

West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach

Fairmont Federal Credit Union suffered a 2023 data breach exposing personal and financial information of 187,038 individuals, including full card and account credentials.
UK news
fromwww.bbc.com
4 days ago

Woman loses faith in hospital after miscarriage

A woman lost trust in Queen Elizabeth Hospital after feeling dismissed during miscarriage care and experiencing appointment mix-ups and an unacknowledged data breach.
fromianVisits
5 days ago

London's weekly railway news

London Underground London Underground has invited union leaders to talks next week in a bid to resolve a dispute over pay and hours which led to strikes. Standard There are several out-of-date signs around the tube network, but few this one. Diamond Geezer Moment fare dodger pushes bike through ticket barrier at London's Bank Station Standard Sir Sadiq says strikes are 'ultimately a sign of failure' and again calls for the RMT and TfL to get around the negotiating table Standard
Travel
Information security
fromSecuritymagazine
6 days ago

1.6M Calls and Voicemails Exposed Online

Unprotected database exposed 1.6 million gym-related call recordings (2020–2025), risking PII leakage, voice-cloning misuse, social-engineering, and physical-security compromise.
#cyber-attack
fromwww.bbc.com
6 days ago

Children hacking their own schools for 'fun', watchdog warns

Since 2022, the ICO has investigated 215 hacks and breaches in education settings and says 57% were carried out by children. According to the new data, almost a third of the breaches involved students illegally logging into staff computer systems by guessing passwords or stealing details from teachers. In one incident, a seven-year-old was involved in a data breach and subsequently referred to the National Crime Agency's Cyber Choices programme to help them understand the seriousness of their actions.
Information security
Information security
fromTheregister
6 days ago

Brit rail operator data nicked after supplier breached

LNER customer contact details and some journey information were accessed via a third-party supplier; no bank, payment card, or password data were exposed.
fromTheregister
1 week ago

Jagar Land Rover confirms 'data affected' in cyber prang

However, in the latest update today, JLR confirmed that the situation was rather worse than initially estimated. A spokesperson said in a statement: "As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators. Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted."
Information security
#plex
fromTheregister
1 week ago

Hundreds of teens' data exposed in school spreadsheet snafu

The breach involved the accidental disclosure of a spreadsheet sent to our parent body that contained student names, DOB, gender, parent/carer contact telephone numbers of students in Years 7 to 11. We have apologised to our school community for this incident and have been responding to any concerns throughout. Our first step was to contain the breach by contacting our management information system provider and ensuring that the SMS message was removed and recalled.
EU data protection
Privacy professionals
fromSecuritymagazine
1 week ago

Georgia Hospital Notifies 160K Individuals of Breach 1 Year After Incident

Wayne Memorial Hospital suffered a May 30, 2024 data breach affecting 163,440 individuals, with notification delayed until August 27, 2025.
Information security
fromEntrepreneur
1 week ago

Passwords Won't Secure Your Identity. Here's What Will. | Entrepreneur

Centralized passwords and legacy authentication systems cannot adequately protect vast digital identities exposed by massive data leaks and escalating cybercrime.
fromTheregister
1 week ago

Call audio from gym members, employees in open database

It was only after calling, asking individual gyms that mentioned their locations in the recording,
Information security
#salesforce
fromIT Pro
4 weeks ago
Information security

The Allianz Life data breach just took a huge turn for the worse

fromIT Pro
4 weeks ago
Information security

The Allianz Life data breach just took a huge turn for the worse

fromTechzine Global
1 week ago

Plex asks users to reset passwords after data breach

Plex recommends using the option that automatically logs out all connected devices after the change. This ensures that active sessions that could potentially be exploited by third parties are terminated and that users must log in again with their new credentials. Users who log in via Single Sign-On must take an additional step: they must manually log out of all devices via plex.tv/security and then log in again with their new login details.
Information security
Information security
fromThe Verge
1 week ago

It's time to change your Plex password again

Reset Plex account password immediately; sign out connected devices and enable two-factor authentication because emails, usernames, and hashed passwords were accessed.
fromDataBreaches.Net
1 week ago

Vietnam's national credit registration and reporting agency hacked; most of the population affected - DataBreaches.Net

Some data breaches make headlines for the number of people affected globally, such as a Facebook scraping incident in 2019 that affected 553 million people worldwide. Then there are breaches that affect a country's entire population or much of it, such as a misconfigured database that exposed almost the entire population of Ecuador in 2019, an insider breach that compromised the information of almost all Israelis in 2006,
Information security
#social-engineering
fromTechCrunch
1 week ago
Information security

VC giant Insight Partners notifies staff and limited partners after data breach | TechCrunch

Insight Partners completed notifying affected individuals after a January data breach that exposed banking, tax, fund, and personal information of employees and limited partners.
fromSecuritymagazine
4 weeks ago
Information security

Security Leaders Respond to Workday Cyber Incident

Workday experienced a social engineering-driven cybersecurity incident affecting its CRM vendor data, exposing potential employee-targeting risks while customer tenant data appears unaffected.
fromTechCrunch
1 week ago
Information security

VC giant Insight Partners notifies staff and limited partners after data breach | TechCrunch

Information security
fromWIRED
1 week ago

ICE Has Spyware Now

Compromised chatbot integrations allowed hackers to export large volumes of corporate Salesforce data, exposing credentials and customer information from hundreds of companies.
Business
fromFortune
1 week ago

Don't date at work, don't be a jerk: In our viral age, CEOs should behave like royalty to avoid being fired

CEOs face increasing removal for personal misconduct, prompting stricter expectations for off-duty behavior and internal reporting enforcement.
Privacy professionals
fromDataBreaches.Net
1 week ago

Texas sues PowerSchool over breach compromising info of over 880,000 students, teachers - DataBreaches.Net

A PowerSchool data breach exposed sensitive personal and health information of over 880,000 Texas students and teachers, prompting a lawsuit by the Texas Attorney General.
fromwww.bbc.com
2 weeks ago

Government unable to calculate Afghan data breach cost, watchdog says

The government is unable to calculate the total cost of a secret relocation plan it set up following the Afghan data leak, the public spending watchdog has said. The Ministry of Defence (MoD) estimates the cost of the massive data breach - and setting up a new scheme to relocate those whose lives might be at risk over it - to be 850m. But the National Audit Office (NAO) says the MoD has not provided enough evidence to give it confidence in that figure, which does not include legal expenses, or compensation claims likely to follow.
UK politics
fromTheregister
2 weeks ago

How big a Drift? Cloudflare cops to Salesloft Drift breach

Because of this breach, someone outside Cloudflare got access to our Salesforce instance, which we use for customer support and internal customer case management, and some of the data it contains,
Information security
Information security
fromArs Technica
2 weeks ago

Google says Gmail security is "strong and effective" as it denies major breach

Gmail's security remains strong; claimed mass breach was mistaken—only a corporate Salesforce server leak exposed public business contact data and phishing attacks increased.
Information security
fromIT Pro
2 weeks ago

The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks

Zscaler experienced a Salesforce data exposure after Salesloft Drift OAuth token theft, allowing limited access to contact details and Salesforce-related commercial information.
World news
fromDataBreaches.Net
2 weeks ago

Watchdog orders Lotte Card to compensate victims of hack - DataBreaches.Net

Lotte Card must set up a dedicated call center and prepare full reimbursement procedures after a cyber breach affecting 9.65 million customers.
Artificial intelligence
fromTheregister
2 weeks ago

China launches new 'AI+' policy to speed 'info revolution'

China's new AI+ policy aims to shift from connectivity to knowledge creation while promoting cautious AI adoption and stronger monitoring to manage security and social risks.
Information security
fromDataBreaches.Net
2 weeks ago

Massachusetts AG Secures $795,000 Settlement for Alleged Data Security and Breach Notification Failures by Peabody Properties Inc. - DataBreaches.Net

Property manager settled for $795,000 after repeated phishing breaches, delayed notifications, and must implement significant cybersecurity upgrades and monitoring.
#transunion
fromZDNET
2 weeks ago
Information security

Massive TransUnion breach leaks personal data of 4.4 million customers - what to do now

fromIT Pro
2 weeks ago
Information security

4.5 million people just had their data exposed in the TransUnion breach - here's what customers need to know

fromZDNET
2 weeks ago
Information security

Massive TransUnion breach leaks personal data of 4.4 million customers - what to do now

fromIT Pro
2 weeks ago
Information security

4.5 million people just had their data exposed in the TransUnion breach - here's what customers need to know

#cervical-cancer-screening
fromTheregister
2 weeks ago

UK government dragged for incomplete security reforms

It examined 11 major UK data breaches between 2008 and 2023, including the Ministry of Defence's (MoD) dangerous email blunder that exposed the details of Afghans who worked with British forces during the conflict with the Taliban, as well as British troops and spies. The others included a similar email mistake made by the Police Service of Northern Ireland, Norfolk and Suffolk police forces, Digital ID, another MoD leak of data to Malian recipients instead of US military (.ml/.mil), and more in the public sector.
UK politics
UK politics
fromwww.theguardian.com
2 weeks ago

Government faces questions after review of 11 major UK data breaches

Government implemented 12 of 14 recommendations after multiple public sector data breaches, but delays and secrecy have undermined public trust and endangered affected individuals.
Information security
fromTheregister
2 weeks ago

SK Telecom walloped with $97M fine after schoolkid security

SK Telecom left its network unsecured, enabling hackers to steal USIM data of about 23 million subscribers and prompting a record ₩134.5 billion fine.
Privacy professionals
fromDataBreaches.Net
2 weeks ago

South Korea fines SK Telecom US$97M over data breach - DataBreaches.Net

SK Telecom fined 134.8 billion won for weak security and late reporting after a USIM data breach exposed nearly half of South Koreans' details.
Information security
fromSecuritymagazine
2 weeks ago

1.1M Impacted by Farmers Insurance Data Breach, Security Leaders Discuss

Farmers Insurance suffered a third-party breach of ~1.1 million customers' PII—names, addresses, birthdates, driver’s license numbers, last four SSNs—possibly tied to Salesforce social engineering.
fromTheregister
2 weeks ago

Church of England abuse victims exposed by lawyer's email

We have contacted everyone who received the message and have reported the incident to the Charity Commission, the Information Commissioner's Office and the Solicitor's Regulatory Authority. We will fully comply with any investigations. We understand the significant impact this will have on those affected for which we apologise unreservedly. We remain committed to supporting victims and survivors of Church of England-related abuse to secure the financial redress, therapeutic, spiritual and emotional support, acknowledgement of wrongdoing on the part of the Church, apology and other forms of bespoke redress under this scheme.
UK news
Information security
fromwww.bbc.com
2 weeks ago

MoD staff warned not to share hidden data before Afghan leak

MoD staff were warned not to share data containing hidden spreadsheet tabs before a 2022 leak that exposed details of nearly 19,000 asylum applicants.
#church-of-england
Information security
fromZDNET
3 weeks ago

1.1M insurance customers were exposed in a data breach - here's what to know

A Farmers Insurance data breach exposed sensitive personal information of about 1.1 million customers.
#social-security
fromTechCrunch
3 weeks ago
Information security

DOGE uploaded live copy of Social Security database to 'vulnerable' cloud server, says whistleblower | TechCrunch

fromTechCrunch
3 weeks ago
Information security

DOGE uploaded live copy of Social Security database to 'vulnerable' cloud server, says whistleblower | TechCrunch

fromwww.theguardian.com
3 weeks ago

Elon Musk's Doge put sensitive social security data at risk, whistleblower says

The complaint from Charles Borges, the chief data officer at the SSA, alleges that Doge staffers effectively created a live copy of the entire country's social security data from its numerical identification system database. The information is a goldmine for bad actors, the complaint alleges, and was placed on a server without independent oversight that only Doge officials could access.
US politics
fromAbove the Law
3 weeks ago

Senator Asks Chief Justice To Give A Damn About Cybersecurity - Above the Law

U.S. Senator Ron Wyden on Monday asked Chief U.S. Supreme Court Justice John Roberts to commission an independent review of the federal judiciary's cybersecurity practices, following a major hack of the court system's electronic case management system. Wyden, a Democrat from Oregon, in a letter to Roberts said the recent breach of the federal judiciary's filing system marked the second time since 2020 it had been hacked by foreign actors exploiting the same cyber vulnerabilities.
US politics
fromTheregister
3 weeks ago

1.1M Farmers Insurance customers snared in breach

US insurance giant Farmers Insurance says more than a million customers had personal data nicked after a third-party vendor was compromised. The insurer, which sells car, home, life, and business cover to more than 10 million Americans, briefly published an advisory on its website confirming the breach before quietly pulling it offline [PDF]. Farmers isn't saying why, but companies sometimes retract notices to tweak wording or to coordinate with regulators.
Information security
fromwww.bbc.com
3 weeks ago

My ex stalked me, so I joined a 'dating safety' app. Then my address was leaked

When she finally got back on to the dating scene, she was wary. She decided to sign up for a new app where women could do background checks and share experiences of men they were dating. Users of the US-based Tea Dating Advice app, which is only available in America, could flag if potential partners were married or registered sex offenders. They could run reverse image searches to check against people using fake identities.
Privacy professionals
Information security
fromTheregister
3 weeks ago

Criminal background checker APCS faces data breach

Access Personal Checking Services customer data was compromised via a cyberattack on third-party developer Intradev; investigation and containment are underway.
fromTheregister
3 weeks ago

Orange Belgium's 850K mega-breach raises fraud fears

The association between the SIM ID, phone numbers, and real names is worrying and could enable very targeted frauds, such as phishing attacks addressing people by name or to re-associate phone numbers with a real person.
Information security
Information security
fromTechzine Global
3 weeks ago

Colt now admits scale of attack as perpetrators auction off data

Colt Technology Services confirmed customer data theft after initial denial; services remain disrupted while hacker group Warlock auctions the stolen data.
Cannabis
fromDataBreaches.Net
4 weeks ago

UK Cannabis Clinic CB1 Medical Investigating As Patients Affected By Major Data Leak - DataBreaches.Net

CB1 Medical experienced a data breach exposing patients' personal and prescription details on a file-hosting site, prompting removal and investigation without evidence of wider misuse.
Privacy professionals
fromWIRED
4 weeks ago

Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database

A significant data breach compromised sensitive health information of nearly a million medical cannabis patients in Ohio.
[ Load more ]