#data-breach

#data-breach

A report by the National Cyber Security Centre found that documents prepared by the Office for Budget Responsibility were downloaded on "at least" 24,701 occasions in the hour before Rachel Reeves delivered her Budget speech on 26 November. The figure is far higher than the 43 downloads cited in an initial internal review. The NCSC said the first full download of the OBR's forecasts occurred shortly after 11.35am on Budget day,

Betterment, which offers automated investment and financial planning services, first disclosed the breach in January after detecting unauthorized access to certain internal systems on January 9. Betterment said the hacker gained entry through a social engineering scheme that relied on impersonation to infiltrate third-party marketing and operations tools, then used that access to send customers a fraudulent cryptocurrency promotion disguised as an official company message.

The rise of OpenClaw, a proactive agentic AI controlled through interfaces more familiar to the average user than tools like Anthropic's Claude Code, which enthralled early adopters over the holiday period, has been one of the most seismic shifts in the AI world since the release of ChatGPT. By piggybacking on user-friendly interfaces paired with powerful AI agent technology, OpenClaw has pushed AI further into the public eye.

Catch up quick: Researchers reported last month that bondu, an AI-powered conversational toy company, inadvertently exposed children's chat transcripts and personal data through a publicly accessible portal. Bondu, which allows parents to check their children's conversations, said it took down the exposed portal and relaunched it the next day with authentication measures, according to Wired. Driving the news: New Hampshire Senator Maggie Hassan, the ranking member of the Senate's Joint Economic Committee, is now asking bondu to explain how the exposure occurred.

The company became aware of the breach which included personal information of its website customers "including credit card information" on Friday, it told CBC News in a statement. Canada Computers & Electronics said the affected customers were informed on Monday, given recommendations about steps to take, and that the breach was reported to authorities. But neither the statement, nor the notices seen by CBC News that went out to customers, says when the breach happened, how long it lasted or how many customers were affected.

A data breach at SoundCloud that came to light in December 2025 is now becoming clearer. The data breach monitor Have I Been Pwned added the leaked dataset to its database this week, revealing the true extent of the impact. SoundCloud is a global audio platform where artists and listeners come together and where hundreds of millions of music and audio tracks are hosted.

The Department of Education in Victoria, Australia, notified parents that attackers accessed a database containing the personal information and email addresses of current and former students, prompting password resets. The department disclosed the breach in letters sent to parents, stating that an unauthorized third party accessed students' names, school names, year levels, and school-issued email addresses, as well as encrypted passwords for accounts that use them.

Eurail B.V. has unfortunately experienced a security breach within our systems that resulted in unauthorized access to customer data. Following the discovery, we immediately began work to secure our systems and initiated an investigation with the support of external cybersecurity specialists and legal advisors. We take this matter very seriously and are currently conducting a thorough investigation to determine the full scope of the incident and its potential impact on customers, which includes participants of the European Commission's DiscoverEU action.