Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. which suffered a data breach in 2015 affecting 78.8

Healthcare 298

Healthcare Insurance Computers and Electronics Data breaches 298

SecureWorld News

DECEMBER 30, 2024

Recent cybersecurity statistics indicate that data breaches are escalating into a significant international concern. This underscores the need not only for strong preventive measures to protect critical information but also for a well-defined strategy to contain the damage if attackers successfully breach your defenses.

Data breaches 112

Data breaches Social Engineering Passwords Accountability 112

Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 334

Data breaches Risk Passwords Government 334

Security Affairs

FEBRUARY 4, 2025

Online food ordering and delivery platform GrubHub suffered a data breach that exposed the personal information of drivers and customers. This week the online food ordering and delivery firm GrubHub disclosed a data breach that exposed customer and driver information.

Data breaches 116

Data breaches Passwords Accountability Hacking 116

Security Affairs

MAY 15, 2025

Coinbase said rogue contractors stole data on under 1% of users and demanded $20M; the data breach was disclosed in an SEC filing. On May 11, 2025, the company received a ransom demand from a threat actor claiming to have customer and internal data. ” reads the filing with SEC. The final impact remains under review.

Data breaches 87

Data breaches Banking Accountability Retail 87

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. The company disclosed a data breach that exposed customers’ personal information. ” reads the data breach notification letter shared with Maine Attorney General.”Out

Data breaches 110

Data breaches Banking Insurance Hacking 110

Troy Hunt

JUNE 24, 2024

I've been harbouring some thoughts about the state of data breaches over recent months, and I feel they've finally manifested themselves into a cohesive enough story to write down. That's who the board is accountable to, and maintaining the corporate reputation and profitability of the firm is their number one priority.

Data breaches 338

Data breaches Identity Theft InfoSec Accountability 338

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. “An unknown third-party has claimed to have accessed data linked to parts of our systems. The ransomware group has since leaked the stolen data on its dark web leak site.

Data breaches 107

Data breaches Telecommunications Financial Services Mobile 107

Troy Hunt

JUNE 3, 2020

Less than 3 weeks ago I wrote about The Unattributable "db8151dd" Data Breach which, after posting that blog post and a sample of my own data, the community quickly attributed to Covve. Many of the other records also contain WHOIS information, but then many others don't.

Data breaches 363

Data breaches B2B Marketing Accountability 363

Troy Hunt

AUGUST 13, 2024

I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Let's start with the easy bit - who is National Public Data (NPD)? Every person who used some sort of data opt-out service was not present.

Data breaches 363

Data breaches Insurance Identity Theft Accountability 363

Security Affairs

DECEMBER 18, 2024

Meta has been fined 251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta 251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. Rosen added.

Data breaches 106

Data breaches Accountability Risk Advertising 106

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 118

Healthcare Data breaches Passwords Identity Theft 118

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. As part of the investigation, we engaged leading third-party cybersecurity experts experienced in handling these types of incidents.

Data breaches 118

Data breaches Insurance Healthcare Ransomware 118

Security Affairs

APRIL 11, 2025

Laboratory Services Cooperative discloses a data breach from October 2024 that exposed personal and medical info of 1.6 Laboratory Services Cooperative disclosed a data breach that impacted the personal and medical information of 1.6 “The specific information involved is not the same for everyone.”

Data breaches 97

Data breaches Insurance Banking Accountability 97

Heimadal Security

MARCH 20, 2025

In early 2024, background checking service National Public Data was hit by a massive cyberattack that potentially compromised the sensitive, personal information of millions, or possibly even billions, of people around the world, including U.S. residents. A year later, new security threats have gained traction.

Data breaches 103

Data breaches Artificial Intelligence Accountability Cybersecurity 103

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. Grubhub detected unusual activity within its environment, later traced to an account associated with a third-party service provider used for customer support. What happened?

Data breaches 94

Data breaches Accountability Social Engineering Passwords 94

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. Image: customink.com In a filing today with the U.S. 25, 2022.

Mobile 338

Mobile Accountability Data breaches Identity Theft 338

Malwarebytes

APRIL 15, 2025

The Hertz Corporation, on behalf of Hertz, Dollar, and Thrifty brands, is sending breach notifications to customers who may have had their name, contact information, driver’s license, andin rare casesSocial Security Number exposed in a data breach. Check the vendors advice. Consider not storing your card details.

Data breaches 102

Data breaches Ransomware Passwords B2B 102

Krebs on Security

AUGUST 16, 2022

This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. That same month, they also sold data on 1.4 “We ask you to remove this post containing Banorte data. million customers of Mexican lending platform Yotepresto.

Data breaches 326

Data breaches Banking Cybercrime Marketing 326

Security Affairs

JANUARY 3, 2025

“Our investigation was done in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been compromised because of the incident. ” reads the incident notice published by the RUMC.

Data breaches 78

Data breaches Ransomware Insurance Healthcare 78

The Last Watchdog

JANUARY 18, 2022

This conclusion is derived from an analysis of data taken from our data breach detection tool, Surfshark Alert , which comprises publicly available breached data sets to inform our users of potential threats. Data associations to specific breach instances are only stipulated. million). •Q1

Data breaches 279

Data breaches VPN Internet Internet 279

Krebs on Security

AUGUST 16, 2021

” The intrusion came to light on Twitter when the account @und0xxed started tweeting the details. Reached via direct message, Und0xxed said they were not involved in stealing the databases but was instead in charge of finding buyers for the stolen T-Mobile customer data. WHO HACKED T-MOBILE?

Mobile 336

Mobile Data breaches Accountability Wireless 336

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 97

Data breaches Identity Theft Consumer Protection Data collection 97

Security Affairs

DECEMBER 29, 2024

notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce.

Data breaches 83

Data breaches Computers and Electronics Hacking Wireless 83

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 336

Phishing Cryptocurrency Accountability Social Engineering 336

Security Affairs

MAY 15, 2025

Nova Scotia Power confirmed a data breach involving the theft of sensitive customer data after the April cybersecurity incident. This week, the company disclosed a data breach after the April security incident and revealed that threat actors stole sensitive customer data. Nova Scotia Power Inc.

Data breaches 73

Data breaches Energy and Utilities Accountability Insurance 73

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment.

Accountability 350

Accountability Hacking Scams Media 350

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. The seller also published a sample of the stolen data and some screenshots. Free S.A.S.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. The attacker may have accessed over three million files containing personal information. These data brokers gather information from several sources and sell them on to interested buyers.

Data breaches 97

Data breaches Passwords Phishing Password Management 97

Security Boulevard

APRIL 7, 2025

In recent months, the fallout from the 23andMe data breach has offered a sobering reminder of the real-world implications of poor data securityand the profound responsibility companies bear when entrusted with sensitive consumer information.

Data breaches 59

Data breaches Accountability 59

Security Affairs

APRIL 18, 2025

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. A review was initiated to determine if any personal information was included in those files and to whom that personal information pertains.”

Data breaches 105

Data breaches Identity Theft Accountability Technology 105

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking 248

Hacking Cybercrime Advertising Data breaches 248

Webroot

APRIL 22, 2025

Whether its an email address, a credit card number, or even medical records, your personal information is incredibly valuable in the wrong hands. Because whether you know it or not, many companies are collecting and storing your private data. billion people received notices that their information was exposed in a data breach.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72

Security Affairs

MAY 5, 2025

Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed. Benefits and payroll solutions firm Kelly & Associates Insurance Group, aka Kelly Benefits, announced that the impact of a recently disclosed data breach is much bigger than initially estimated.

Data breaches 67

Data breaches Insurance Hacking Ransomware 67

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Check the vendors advice.

Accountability 83

Accountability Data breaches Passwords Phishing 83

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. They take all this private information, and then they sell it.

Information Security 202

Information Security Data breaches CISO Encryption 202