#data-breach

[ follow ]
Canada news
fromwww.cbc.ca
3 days ago

Toys 'R' Us Canada notifies customers that personal information might have been compromised in breach | CBC News

Toys "R" Us Canada experienced a customer data breach exposing names, addresses, emails and phone numbers, but not passwords or payment details.
Privacy professionals
fromDataBreaches.Net
4 days ago

Kaufman County's data breach was their second one in three weeks - DataBreaches.Net

Kaufman County experienced two data breaches in October that may have exposed residents' personal information, including Social Security numbers.
fromBusiness Insider
5 days ago

Apple is cracking down on those viral 'Tea' apps, citing persistent privacy concerns

A spokesperson for Apple told Business Insider that both apps were removed for not meeting "requirements around content moderation and user privacy, in addition to receiving an excessive number of user complaints and negative reviews - including complaints of minors' personal information being posted in the apps." The spokesperson added that for Apple, the general approach after discovering a violation is to communicate with the app developer to bring the platform up to standard.
Apple
#cyberattack
fromDataBreaches.Net
1 week ago
UK news

UK: 'Catastrophic' attack as Russians hack files on EIGHT MoD bases and post them on the dark web - DataBreaches.Net

fromDataBreaches.Net
1 week ago
UK news

UK: 'Catastrophic' attack as Russians hack files on EIGHT MoD bases and post them on the dark web - DataBreaches.Net

#ransomware
fromDataBreaches.Net
5 days ago
Law

Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach - DataBreaches.Net

fromDataBreaches.Net
6 days ago
Information security

Attorney General James Announces Settlement with Wojeski & Company Accounting Firm - DataBreaches.Net

fromIT Pro
6 days ago
Information security

Volkswagen confirms security 'incident' amid ransomware breach claims

fromThe Walrus
1 week ago
Information security

The Cyberattack That Stole 280,000 Identities-and Showed How Easily We Can Be Duped | The Walrus

fromIT Pro
1 week ago
EU data protection

Capita fined 14 million after it 'failed to ensure the security' of of personal data

fromDataBreaches.Net
5 days ago
Law

Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach - DataBreaches.Net

fromDataBreaches.Net
6 days ago
Information security

Attorney General James Announces Settlement with Wojeski & Company Accounting Firm - DataBreaches.Net

fromIT Pro
6 days ago
Information security

Volkswagen confirms security 'incident' amid ransomware breach claims

fromThe Walrus
1 week ago
Information security

The Cyberattack That Stole 280,000 Identities-and Showed How Easily We Can Be Duped | The Walrus

fromIT Pro
1 week ago
EU data protection

Capita fined 14 million after it 'failed to ensure the security' of of personal data

fromTheregister
6 days ago

ICO defends decision not to investigate MoD Afghan data leak

The MoD was responsible for the accidental data breach, which took place in February 2022 and is likely to have cost more than £850 million. Evidence of the breach only came to light in July this year after a government superinjunction, imposed in August 2023, was lifted. According to a report [PDF] from the National Audit Office (NAO), the MoD first became aware of the data breach in August 2023 when personal details of ten individuals from the dataset were posted to Facebook.
Information security
Privacy professionals
fromZDNET
6 days ago

AT&T customer? Claim up to $7,500 from $177M data breach settlement - don't miss the new deadline

AT&T's $177 million settlement for 2019 and 2024 data breaches lets affected customers claim up to $7,500 by Dec. 18, 2025.
UK news
fromdatabreaches.net
6 days ago

Cyber-Attack On Bectu's Parent Union Sparks UK National Security Concerns DataBreaches.Net

A June cyber-attack on Prospect exposed data of most of its 150,000 members, including sensitive information with potential national security implications.
fromTheregister
1 week ago

Cifas exposes dozens of email addresses in invite mishap

Anti-fraud nonprofit Cifas was left red-faced after sending out a calendar invite that exposed the email addresses of dozens of individuals working across the fraud space. The invite was sent in August to a session scheduled for October 16 about the organization's JustMe app, which allows individuals to confirm if applications made in their name are genuine. Over a dozen addresses were exposed in the To field, with another 45 in the CC field, according to the message.
EU data protection
#salesforce
fromDataBreaches.Net
1 week ago
Information security

Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials - DataBreaches.Net

fromDataBreaches.Net
1 week ago
Information security

Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials - DataBreaches.Net

#cybersecurity
UK news
fromwww.independent.co.uk
1 week ago

Thousands of civil servant passwords leaked online as experts warn of serious risk'

More than 3,000 passwords belonging to British civil servants have been leaked on the deep and dark web, with several local authorities affected, posing national security risks.
Information security
fromTheregister
1 week ago

Asahi admits personal data may have been slurped in breach

Asahi admits personal information may have been transferred in a September ransomware attack that disrupted operations, caused logistics delays, and prompted a financial-results postponement.
fromDataBreaches.Net
1 week ago

Before Their Telegram Channel Was Banned Again, ScatteredLAPSUS$Hunters Dropped Files Doxing Government Employees - DataBreaches.Net

On October 16 and 17, the ScatteredLAPSUS$Hunters Telegram channel repeatedly violated Telegram's TOS by leaking personal information on people - and in this case, information on employees of the Department of Justice (DOJ/FBI), U.S. Attorneys Office (DOJ/USAO), the Department of Homeland Security (DHS), and the Federal Aviation Authority (FAA). DataBreaches did not report on it at the time precisely because the files were still exposed. Instead, DataBreaches contacted Telegram to inquire why the channel hadn't been banned again for leaking sensitive information about government employees.
Information security
fromDataBreaches.Net
1 week ago

Data BreachesProsper Data Breach Impacts 17.6 Million Accounts - DataBreaches.Net

More than 17 million individuals were likely impacted by a data breach at peer-to-peer lending marketplace Prosper, data breach notification service Have I Been Pwned warns.Prosper disclosed the incident last month, noting that hackers accessed its network and stole confidential, proprietary, and personal information from its systems. According to the US-based company, the attackers queried its database containing customer information and applicant data to exfiltrate the information, but did not access user accounts.
Information security
#oracle-e-business-suite
Information security
fromTheregister
1 week ago

Have I Been Pwned logs 17.6M victims in Prosper breach

A September cyberattack on Prosper allegedly exposed personal data for about 17.6 million people, including Social Security numbers and various identity and contact details.
fromwww.amny.com
1 week ago

Column | Final Phase for NY Cybersecurity Regulation: Is Your Financial Institution in Compliance? | amNewYork

In August, the New York State Department of Financial Services reached agreement with Healthplex, Inc., a licensed insurance agent and independent adjuster, to pay a $2 million civil penalty after a hacker executed a phishing attack on an employee's email and gained access to the private health data and sensitive nonpublic information of tens of thousands of Healthplex consumers. Eight years in the making, the final phase of New York's groundbreaking Cybersecurity Regulation Part 500 takes effect Nov. 1.
Information security
Information security
fromWordtothewise
1 week ago

B2B Spam: Strapi, Unstructured and Reo

A unique email given to Strapi for a demo later received unsolicited promotional mail from an unrelated company, indicating a possible unauthorized exposure of Strapi customer contact data.
fromZDNET
1 week ago

New deadline: Claim up to $7,500 from AT&T's $177M data breach payouts - here's how

If you're a current or former AT&T customer, the deadline to file a claim to be part of the $177 million class-action settlement over two major data breaches has been extended. The breaches -- one dating back to 2019 and a second in 2024 -- exposed Social Security numbers, call and text records, names, addresses, dates of birth, and more.
US news
Privacy professionals
fromDataBreaches.Net
1 week ago

Integris Health Agrees to $30 Million Settlement Over 2023 Data Breach - DataBreaches.Net

Integris Health agreed to a $30 million settlement after a November 2023 breach exposed over two million patients' sensitive data, creating substantial fraud and identity theft risk.
Information security
fromDataBreaches.Net
1 week ago

Gov't seeks police probe of KT for allegedly obstructing data breach investigation - DataBreaches.Net

KT allegedly obstructed a government probe into unauthorized mobile-payment breaches by submitting false server disposal timing information and concealing backup logs and evidence.
Information security
fromTheregister
1 week ago

Sotheby's finds its data on the block after cyberattack

Sotheby's disclosed a July 24 cyber breach exposing sensitive data, including Social Security numbers and financial account information, affecting at least two Maine residents.
#class-action-settlement
fromDataBreaches.Net
1 week ago
Privacy professionals

Heritage Provider Network $49.99M Class Action Settlement - DataBreaches.Net

Eligible Heritage Provider Network patients may claim cash payments and medical monitoring from a $49,995,000 class-action settlement over a December 2022 data breach.
fromDataBreaches.Net
3 weeks ago
Privacy professionals

Flagstar Agrees to $31.5 Million Deal in Accellion-Breach Suit - DataBreaches.Net

Flagstar Bank agreed to pay $31.5 million to settle claims over breaches that exposed nearly 2.2 million individuals' personal information.
Information security
fromBusiness Matters
1 week ago

Capita fined 14 Million over 2023 cyber-attack that exposed data of 6.6 Million people

Capita was fined £14 million by the ICO for serious data protection failures after a March 2023 cyber-attack that exposed 6.6 million people's personal data.
Digital life
fromMashable
1 week ago

4 big tech settlements you might be eligible for in 2025

Consumers may be eligible for settlement payouts from AT&T, Facebook, and Amazon; check eligibility, deadlines, and claim procedures to recover owed funds.
US news
fromwww.housingwire.com
1 week ago

loanDepot sues WCL, alleging illegal practices

loanDepot alleges West Capital Lending and associates stole confidential customer data, poached employees, misclassified about 600 loan officers, and will pursue legal remedies.
fromDataBreaches.Net
1 week ago

Attorney General James Secures $14.2 Million from Car Insurance Companies Over Data Breaches - DataBreaches.Net

NEW YORK - New York Attorney General Letitia James today secured $14.2 million from eight car insurance companies for failing to protect the private information of more than 825,000 New Yorkers. The data breaches were part of a hacking campaign that targeted car insurance companies' quoting tools and stole people's personal information, including driver's license numbers and dates of birth. The hackers later used some of the stolen driver's license information to file fraudulent unemployment claims at the height of the COVID-19 pandemic.
#discord
fromDataBreaches.Net
1 week ago
Information security

Discord blamed a vendor for its data breach - now the vendor says it was 'not hacked' - DataBreaches.Net

Information security
fromZDNET
2 weeks ago

70,000 government IDs were exposed in a Discord breach - could yours be next?

A third-party vendor compromise exposed about 70,000 government ID photos and other support data from Discord users, used in an extortion attempt.
fromDataBreaches.Net
1 week ago
Information security

Discord blamed a vendor for its data breach - now the vendor says it was 'not hacked' - DataBreaches.Net

fromZDNET
2 weeks ago
Information security

70,000 government IDs were exposed in a Discord breach - could yours be next?

Information security
fromSecuritymagazine
2 weeks ago

180,000 Records of PII and Payment Information Exposed

An unsecured, unencrypted database exposed approximately 180,000 records (178,519 files) containing PII and payment data belonging to Invoicely by Stack Holdings GmbH.
Information security
fromThe Verge
1 week ago

Discord blamed a vendor for its data breach - now the vendor says it was 'not hacked'

None of 5CA's systems were involved in the breach; platforms remain secure, and forensic findings indicate the incident occurred outside 5CA.
#identity-theft
fromwww.theguardian.com
2 weeks ago

Hackers leak Qantas data containing 5 million customer records after ransom deadline passes

The Qantas data, which was stolen from a Salesforce database in a major cyber-attack in June, included customers' email addresses, phone numbers, birth dates and frequent flyer numbers. It did not contain credit card details, financial information or passport details. On Saturday the group marked the data as leaked, writing: Don't be the next headline, should have paid the ransom.
Information security
Information security
fromDataBreaches.Net
2 weeks ago

Telstra Denies Scattered Spider Data Breach Claims Amid Ransom Threats - DataBreaches.Net

Telstra denies a claimed breach of nearly 19 million records, saying data was scraped publicly and no sensitive credentials were exposed.
fromwww.esquire.com
2 weeks ago

There's a Shady Conservative Coven Influencing Oklahoma State Politics

State Rep. Josh Schriver, R-Oxford, who has called porn a scourge and compared it to heroin, introduced legislation in September to ban online pornography statewide. But data reviewed by Metro Times show that an account linked to his personal AOL email address appeared in a data breach from Fling.com, a pornographic dating site that features live web cams and promised users they could find sex and get laid tonight.
US politics
Privacy professionals
fromTheregister
2 weeks ago

Prospect union tells members their data was breached in June

UK trade union Prospect suffered a June 2025 IT security breach exposing members' personal data including sexual orientation and disabilities.
#sonicwall
Information security
fromComputerworld
2 weeks ago

Major Discord hack exposes the real risks of digital ID

Mandatory government ID requirements make third-party verification services attractive targets, creating predictable risks of sensitive user data exposure.
Information security
fromIT Pro
2 weeks ago

Teens arrested over nursery chain Kido hack

Two 17-year-olds were arrested in Bishop's Stortford on suspicion of computer misuse and blackmail over a Kido nursery data breach affecting about 8,000 children.
Information security
fromSecurityWeek
2 weeks ago

Ransomware Group Claims Attack on Beer Giant Asahi

Qilin ransomware claimed responsibility for a cyberattack on Asahi, stealing 27 GB and disrupting orders, shipments, and call center operations in Japan.
fromwww.independent.co.uk
2 weeks ago

Two men arrested over cyber attack on nurseries in London

Since these attacks took place, specialist Met investigators have been working at pace to identify those responsible. We understand reports of this nature can cause considerable concern, especially to those parents and carers who may be worried about the impact of such an incident on them and their families. We want to reassure the community and anyone affected that this matter continues to be taken extremely seriously.
UK news
Privacy professionals
fromDataBreaches.Net
2 weeks ago

California hospitals can escape fines if workers expose patient info - DataBreaches.Net

Hospitals are not liable for employee disclosures of patient information when appropriate privacy policies existed and the employee knowingly violated them.
Information security
fromComputerWeekly.com
2 weeks ago

The Security Interviews: David Bradbury, CSO, Okta | Computer Weekly

Okta suspended development after an October 2023 helpdesk breach and launched a Secure Identity Commitment to improve products, customer practices, industry protection, and corporate hardening.
Information security
fromTechzine Global
2 weeks ago

Red Hat leak escalates: ShinyHunters demands money after GitLab breach

ShinyHunters joined Crimson Collective's extortion, publishing stolen Red Hat customer data and threatening full release if negotiations don't begin by October 10.
#gitlab
fromZDNET
3 weeks ago

ParkMobile might owe you money from its data breach settlement - but there's a small catch

If you used the ParkMobile app to pay for parking at a meter several years ago, you might be getting a payment as a result of a data breach. Unfortunately, it's probably not an amount you'd expect for the inconvenience of having your data exposed. And while it's a comically low amount, don't spend it all in one place, because, well.... You're literally not allowed to.
Information security
Information security
fromDataBreaches.Net
3 weeks ago

I called American Income Life Insurance to alert them to a data breach involving 150,000 customers. Here's why they didn't find out. - DataBreaches.Net

American Income Life lacked accessible reporting channels, preventing timely notification of a 150,000-customer data leak during a nine-minute phone attempt.
Information security
fromDataBreaches.Net
3 weeks ago

NSW gov contractor uploaded Excel spreadsheet of flood victims' data to ChatGPT - DataBreaches.Net

Applicants to the Northern Rivers Resilient Homes Program had personal data exposed in an unauthorized AI-related upload that occurred between March 12 and 15.
Information security
fromTheregister
3 weeks ago

Discord blames third-party support outfit for data breach

A compromised third-party customer support vendor led to theft of Discord user data, including personal and support-ticket content, while Discord's own systems remained intact.
Information security
fromDataBreaches.Net
3 weeks ago

Just days before its data might be leaked, Qantas Airways obtained a permanent injunction - DataBreaches.Net

Threat actors ignored injunctions and are threatening to publish 153 GB of Qantas customer data (5M+ records) containing extensive personally identifiable information.
Information security
fromZDNET
3 weeks ago

Hackers stole 1 billion records from Salesforce customer databases with this simple trick - don't fall for it

Hackers claiming to be Scattered Lapsus$ Hunters stole roughly one billion customer records from Salesforce-hosted cloud databases and threatened public release.
Information security
fromTechCrunch
3 weeks ago

Hacking group claims theft of 1 billion records from Salesforce customer databases | TechCrunch

A predominantly English-speaking hacking group launched a dark-web extortion site threatening to publish about one billion records stolen from Salesforce-hosted cloud databases.
fromLondon Business News | Londonlovesbusiness.com
3 weeks ago

Renault and Dacia hit with a cyber-attack with data stolen - London Business News | Londonlovesbusiness.com

Renault and Dacia have warned their UK customers that personal data has been stolen in cyber-attack, and the breach took place via the brands third party providers and not their own systems. In an email to affected customers, Renault said: "We are very sorry to inform you about a cyber attack on one of our third-party providers, leading to some Renault UK customers' personal data being taken from one of their systems."
Privacy professionals
EU data protection
fromTheregister
3 weeks ago

Online attackers take Renault UK customer data for a joyride

Renault UK customer data was exposed after a third-party supplier's systems were hacked, including personal and vehicle identification details.
[ Load more ]