#data-breach
#data-breach

Privacy professionals

Medical, utility tech companies hit by intruders

Information security

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Burglar alarm biz gets burgled, ShinyHunters pursues ransom

ADT confirmed a cyber intrusion by ShinyHunters, claiming over 10 million records were stolen, while ADT reported a limited data breach.

fromFortune

A group of users leaked Anthropic's AI model Mythos by reportedly guessing where it was located | Fortune

Unauthorized access to Anthropic's Mythos model raises significant cybersecurity concerns.

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.

6 hours ago

In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

Key cybersecurity developments include OFAC actions against Iranian crypto, the arrest of a Scattered Spider member, and a major data leak at ADT.

Medical, utility tech companies hit by intruders

Digital intruders breached Itron and Medtronic, leading to investigations and potential data leaks.

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx's investigation reveals a cybercriminal group published data from its GitHub repository on the dark web following a supply chain attack.

Burglar alarm biz gets burgled, ShinyHunters pursues ransom

ADT confirmed a cyber intrusion by ShinyHunters, claiming over 10 million records were stolen, while ADT reported a limited data breach.

fromFortune

A group of users leaked Anthropic's AI model Mythos by reportedly guessing where it was located | Fortune

Unauthorized access to Anthropic's Mythos model raises significant cybersecurity concerns.

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.

more#cybersecurity

fromComputerWeekly.com

Almost half of UK businesses hit by cyber attacks | Computer Weekly

Cyber security threats in the UK are significant, with many organizations experiencing breaches or attacks, highlighting the need for robust security measures.

French prosecutors link 15-year-old to gov mega-breach

The Paris Prosecutor's Office announced on Thursday that the minor, suspected of using the online alias 'breach3d', faces two computer crime allegations linked to an intrusion in which between 12 million and 18 million lines of data were offered for sale on cybercrime forums.

France news

Dental practice software maker fixes bug that exposed patients' medical records | TechCrunch

A security flaw in Practice by Numbers' patient portal exposed private health records of patients, allowing unauthorized access to sensitive information.

fromWIRED

Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim

Stalkerware enables secret surveillance of individuals, leading to severe privacy violations and potential data breaches of sensitive information.

Sandhills Medical Says Ransomware Breach Affects 170,000

Sandhills Medical Foundation experienced a data breach affecting nearly 170,000 individuals due to a ransomware attack discovered on May 8, 2025.

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

A critical SQL injection vulnerability in LiteLLM was exploited shortly after disclosure, allowing unauthorized access to sensitive database information.

#uk-biobank

UK politics

UK braces for further leaks after more private health records appear on Chinese website

Confidential health records of UK Biobank volunteers have been listed on Alibaba, prompting government action and raising concerns about data re-identification risks.

UK Biobank Data of 500K Listed for Sale in China

Sensitive UK Biobank data was found for sale on Alibaba, revealing private information of 500,000 participants without names or phone numbers.

UK Biobank data from 500,000 volunteers listed for sale on Alibaba after Chinese research institutions broke access agreements

Data from 500,000 UK Biobank volunteers was listed for sale on Alibaba due to a breach by three Chinese research institutions.

fromComputerWeekly.com

Medical data of half a million Britons on sale in China after Biobank breach | Computer Weekly

Medical data of 500,000 British citizens was offered for sale on a Chinese website after a breach at UK Biobank.

Private health records of half a million Britons offered for sale on Chinese website

Confidential health records of 500,000 UK Biobank volunteers were found for sale on Alibaba, raising security concerns.

UK Biobank health data listed for sale in China, government confirms

Health data of 500,000 UK Biobank members was found for sale online, but it did not include personally identifying information.

UK politics

UK braces for further leaks after more private health records appear on Chinese website

Confidential health records of UK Biobank volunteers have been listed on Alibaba, prompting government action and raising concerns about data re-identification risks.

UK Biobank Data of 500K Listed for Sale in China

Sensitive UK Biobank data was found for sale on Alibaba, revealing private information of 500,000 participants without names or phone numbers.

UK Biobank data from 500,000 volunteers listed for sale on Alibaba after Chinese research institutions broke access agreements

Data from 500,000 UK Biobank volunteers was listed for sale on Alibaba due to a breach by three Chinese research institutions.

fromComputerWeekly.com

Medical data of half a million Britons on sale in China after Biobank breach | Computer Weekly

Medical data of 500,000 British citizens was offered for sale on a Chinese website after a breach at UK Biobank.

Private health records of half a million Britons offered for sale on Chinese website

Confidential health records of 500,000 UK Biobank volunteers were found for sale on Alibaba, raising security concerns.

UK Biobank health data listed for sale in China, government confirms

Health data of 500,000 UK Biobank members was found for sale online, but it did not include personally identifying information.

more#uk-biobank

fromArs Technica

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Current evidence indicates that this data originated from Checkmarx's GitHub repositories, and that access to those repositories was facilitated through the initial supply chain attack of March 23, 2023.

Information security

ADT Confirms Major Data Breach Exposing Millions of Names, Partial SSNs

ADT's home security systems were not compromised, but customer data including names and partial Social Security numbers was exposed in a data breach.

Vimeo Confirms User and Customer Data Breach

Vimeo confirmed a data breach involving user data theft through a third-party vendor, but no video content or payment information was compromised.

Pitney Bowes the latest victim of ShinyHunters' breach-spree

Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone numbers, and physical addresses.

Privacy professionals

#medtronic

Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

Medtronic confirmed a hack by ShinyHunters, claiming millions of records were stolen, but asserts no impact on patient safety or operations.

What the Medtronic Breach Means for Security Experts

Medtronic confirmed a data breach but reported no impact on patient safety or operations due to separate IT networks.

Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

Medtronic confirmed a hack by ShinyHunters, claiming millions of records were stolen, but asserts no impact on patient safety or operations.

What the Medtronic Breach Means for Security Experts

Medtronic confirmed a data breach but reported no impact on patient safety or operations due to separate IT networks.

Ongoing supply-chain attack targets security, dev tools

Checkmarx's GitHub repository was compromised, leading to a data leak by the Lapsus$ extortion group.

#cyberattack

Critical infrastructure giant Itron says it was hacked | TechCrunch

Itron confirmed a cyberattack in April, with hackers accessing some systems but no signs of further intrusions detected.

Hacker group threatens to release Grand Theft Auto VI data in Rockstar Games attack

Rockstar Games faces a cyberattack from ShinyHunters, demanding ransom or threatening to leak stolen data.

Gym giant Basic-Fit breached with at least 1M affected

Basic-Fit confirmed a cyberattack resulted in the theft of data, including bank details, of around one million customers across six countries.

Critical infrastructure giant Itron says it was hacked | TechCrunch

Itron confirmed a cyberattack in April, with hackers accessing some systems but no signs of further intrusions detected.

Hacker group threatens to release Grand Theft Auto VI data in Rockstar Games attack

Rockstar Games faces a cyberattack from ShinyHunters, demanding ransom or threatening to leak stolen data.

Gym giant Basic-Fit breached with at least 1M affected

Basic-Fit confirmed a cyberattack resulted in the theft of data, including bank details, of around one million customers across six countries.

more#cyberattack

ADT Breach Confirmed: Names, Phone Numbers, and Addresses Exposed

ADT experienced a data breach, with personal information of customers accessed, but no payment information was compromised.

Energy and Water Management Firm Itron Hacked

Itron is investigating unauthorized access to its systems, but operations continue and no significant impact is expected.

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

Data Breach at Tennessee Hospital Affects 337,000

Cookeville Regional Medical Center experienced a ransomware attack, compromising data of over 337,000 individuals, including sensitive personal and medical information.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

5 days ago

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

Data Breach at Tennessee Hospital Affects 337,000

Cookeville Regional Medical Center experienced a ransomware attack, compromising data of over 337,000 individuals, including sensitive personal and medical information.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

more#ransomware

ShinyHunters claim they have cruise giant Carnival's booty

Carnival Corporation faces a significant data breach involving 7.5 million email addresses linked to its Mariner Society loyalty program.

The Top 8 Enterprise VPN Solutions

Secure remote connections are critical for businesses to prevent data breaches, with enterprise VPN solutions being a top priority.

How a simple consumer data breach spiralled into a national security crisis in US-South Korea relations

A data breach at Coupang has escalated into a diplomatic crisis affecting US-South Korea relations.

#ai-security

Information security

Anthropic's Mythos breach was humiliating

Information security

Anthropic Mythos shaping up as nothingburger

Artificial intelligence

Rogue Group Gains Access to Anthropic's Dangerous New Mythos AI

Information security

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Information security

Anthropic's most dangerous AI model just fell into the wrong hands

Anthropic's Mythos breach was humiliating

Unauthorized access to Anthropic's AI model Mythos raises serious concerns about cybersecurity and safety protocols.

Anthropic Mythos shaping up as nothingburger

Anthropic's Mythos model is under scrutiny due to unauthorized access concerns, despite its intended purpose of identifying vulnerabilities.

Artificial intelligence

Rogue Group Gains Access to Anthropic's Dangerous New Mythos AI

Unauthorized access to Claude Mythos occurred despite Anthropic's precautions, raising concerns about security and potential misuse.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

Anthropic's most dangerous AI model just fell into the wrong hands

Mythos AI model accessed by unauthorized users, raising cybersecurity concerns about its potential misuse.

more#ai-security

Another customer of troubled startup Delve suffered a big security incident | TechCrunch

Delve faces multiple allegations and security incidents, leading to loss of customers and damaged reputation.

Some Interrail travellers told to cancel passports as hacked data posted online

Holidaymakers in Europe must replace passports after personal data was hacked and sold on the dark web, causing stress and financial burden.

fromReadWrite

Caesars sued over 2026 data breach claims

Caesars Entertainment faces a class action lawsuit for failing to protect customer data during a second cyber incident after a previous breach in 2023.

Luxury Cosmetics Giant Rituals Discloses Data Breach

Rituals experienced a data breach affecting My Rituals members' personal information, but no passwords or payment details were compromised.

#vercel

Information security

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

Information security

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

fromInfoWorld

Information security

Hackers exploit Vercel's trust in AI integration

Information security

Next.js Creator Vercel Hacked

Information security

Next.js developer Vercel warns customer creds compromised

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

Vercel identified additional compromised customer accounts linked to a security incident involving unauthorized access to its internal systems.

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

fromInfoWorld

Hackers exploit Vercel's trust in AI integration

Sensitive secrets should be treated as potentially exposed and rotated as a priority.

Next.js Creator Vercel Hacked

Vercel confirmed a data breach involving unauthorized access to internal systems and compromised customer credentials.

Next.js developer Vercel warns customer creds compromised

Vercel experienced a data leak due to a compromise of Context.ai, affecting customer credentials and prompting immediate action.

more#vercel

fromLos Angeles Times

How did thousands of sensitive LAPD files get leaked? City officials seek explanation

Councilmember Ysabel Jurado stated that she expected City Attorney Hydee Feldstein Soto to provide detailed answers regarding the data breach, but instead received an internal report that left many questions unanswered.

Los Angeles

fromEngadget

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

Hackers Claim 19M Records Stolen From French Government Agency

A security incident at ANTS may have compromised citizen data, including personal information of 19 million records.

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

Hackers Claim 19M Records Stolen From French Government Agency

A security incident at ANTS may have compromised citizen data, including personal information of 19 million records.

more#ants

#customer-information

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.

Booking.com Customer Data Hacked, Exposed

Booking.com experienced a data breach, exposing customer booking information but not financial data.

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.

more#customer-information

Booking.com Customer Data Hacked, Exposed

Booking.com experienced a data breach, exposing customer booking information but not financial data.

France's 'Secure' ID agency probes claimed 19M record breach

A significant data breach may have exposed personal information of up to 19 million individuals in France.

Artificial intelligence

Toxic Combinations: When Cross-App Permissions Stack into Risk

Moltbook's database exposure revealed significant security risks, including unencrypted credentials and API tokens, due to poor oversight of AI agent integrations.

fromFast Company

Lovable left AI prompts and user data exposed, one researcher found

Lovable's platform exposed users' private data, including chat histories and source code, to other users due to a significant data breach.

Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000

Three US healthcare organizations reported data breaches affecting nearly 600,000 individuals, with significant incidents in Texas and Illinois.

#security

fromwww.businessinsider.com

Hot AI startup Lovable's security stumble shows one big risk in vibe coding

Lovable experienced a security issue allowing access to user data, prompting concerns about vibe coding among software engineers.

Exclusive: Fashion retailer Express left customers' personal data and order details exposed to the internet

Express fixed a security flaw that exposed customer order details and personal information on its website.

fromwww.businessinsider.com

Hot AI startup Lovable's security stumble shows one big risk in vibe coding

Lovable experienced a security issue allowing access to user data, prompting concerns about vibe coding among software engineers.

Exclusive: Fashion retailer Express left customers' personal data and order details exposed to the internet

Express fixed a security flaw that exposed customer order details and personal information on its website.

more#security

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.

Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak

Amtrak customers face data exposure due to a breach affecting millions of records, including personal and travel-related information.

fromMail Online

CrunchyRoll users slammed with lawsuit as millions of users exposed

Crunchyroll faces a class-action lawsuit after a data breach exposed personal information of 6.8 million users due to inadequate data security.

Vercel Breach Originated from an Employee's AI Tool

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

fromTechzine Global

Dutch ecommerce site Bol.com investigates claims of a data breach

A dataset of approximately 400,000 customer records from Bol.com is allegedly for sale, raising concerns about a potential data breach.

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.

Information security

McGraw Hill linked to 13.5M-record data leak

McGraw Hill experienced a data breach exposing 13.5 million records due to a Salesforce misconfiguration, leading to personal information circulating online.

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.

McGraw Hill linked to 13.5M-record data leak

McGraw Hill experienced a data breach exposing 13.5 million records due to a Salesforce misconfiguration, leading to personal information circulating online.

more#mcgraw-hill

Comcast's $117.5M Breach Settlement: Up to 30M People May Qualify

Comcast will pay $117.5 million in a class action settlement due to a 2023 cybersecurity incident exposing customer data.

NYC startup

Companies Just Learned a Brutal Lesson About Training AI to Do Human Jobs

Mercor, an AI company, faces lawsuits after a data breach exposed sensitive information from contractors and clients, highlighting vulnerabilities in the AI supply chain.

#bookingcom

Booking.com customers warned of 'reservation hijacking' after hack

A data breach at Booking.com has led to increased scams known as 'reservation hijacks' targeting customers.

Booking.com warns of possible reservation data exposure

Booking.com warns customers of potential data exposure due to unauthorized access, affecting reservation details but not financial information.

fromTechzine Global

Booking.com confirms data breach, but is tight-lipped about details

A data breach at Booking.com exposed customer bookings, with unauthorized access to personal information, though the extent and timing remain unclear.

Booking.com customers warned of 'reservation hijacking' after hack

A data breach at Booking.com has led to increased scams known as 'reservation hijacks' targeting customers.

Booking.com warns of possible reservation data exposure

Booking.com warns customers of potential data exposure due to unauthorized access, affecting reservation details but not financial information.

fromTechzine Global

Booking.com confirms data breach, but is tight-lipped about details

A data breach at Booking.com exposed customer bookings, with unauthorized access to personal information, though the extent and timing remain unclear.

Video games

Rockstar Stock Goes Up After Hackers Leak GTA Online Revenue Numbers

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.

GTA-maker Rockstar Games hacked again but downplays impact

Rockstar Games experienced a data breach by hackers demanding ransom, but the company claims it has no impact on its operations or players.

fromGadgets 360

Rockstar Games Suffers Data Breach Again as Hackers Threaten With Leak

Rockstar Games confirmed a data breach by hackers threatening to leak information unless a ransom is paid.

fromEngadget

Rockstar Games has confirmed it was hit by third-party data breach

ShinyHunters claims to have breached Rockstar Games' servers, demanding payment to prevent data leaks.

fromKotaku

GTA 6 Developer Rockstar Reportedly Hacked, Data Being Ransomed

ShinyHunters claims to have breached Rockstar Games' cloud servers, demanding ransom by April 14 or threatening to leak corporate data.

fromKotaku

Video games

Rockstar Stock Goes Up After Hackers Leak GTA Online Revenue Numbers

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.

GTA-maker Rockstar Games hacked again but downplays impact

Rockstar Games experienced a data breach by hackers demanding ransom, but the company claims it has no impact on its operations or players.

fromGadgets 360

Rockstar Games Suffers Data Breach Again as Hackers Threaten With Leak

Rockstar Games confirmed a data breach by hackers threatening to leak information unless a ransom is paid.

fromEngadget

Rockstar Games has confirmed it was hit by third-party data breach

ShinyHunters claims to have breached Rockstar Games' servers, demanding payment to prevent data leaks.

fromKotaku

GTA 6 Developer Rockstar Reportedly Hacked, Data Being Ransomed

ShinyHunters claims to have breached Rockstar Games' cloud servers, demanding ransom by April 14 or threatening to leak corporate data.

Europe's Largest Gym Chain Says Data Breach Impacts 1 Million Members

Basic-Fit experienced a data breach affecting personal information of approximately 1 million members across several European countries.

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

Europe's Largest Gym Chain Says Data Breach Impacts 1 Million Members

Basic-Fit experienced a data breach affecting personal information of approximately 1 million members across several European countries.

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

more#basic-fit