Security Affairs

DECEMBER 6, 2024

Atrium Health disclosed a data breach affecting 585,000 individuals to the HHS, potentially linked to the use of online tracking tools. Healthcare company Atrium Health disclosed a data breach that impacted 585,000 individuals. Impacts vary depending on users’ browsers, cookies, and third-party account activity.

Data breaches 112

Data breaches Identity Theft Accountability Technology 112

SecureWorld News

DECEMBER 30, 2024

Recent cybersecurity statistics indicate that data breaches are escalating into a significant international concern. This underscores the need not only for strong preventive measures to protect critical information but also for a well-defined strategy to contain the damage if attackers successfully breach your defenses.

Data breaches 111

Data breaches Social Engineering Passwords Accountability 111

Malwarebytes

OCTOBER 10, 2024

A non-profit that benefits millions of people has fallen victim to a data breach and a DDoS attack. It is often used for academic research and data analysis. Cybercriminals managed to breach the site and steal a user authentication database containing 31 million records. Who stole the database and why is not yet known.

Data breaches 137

Data breaches DDOS Internet Internet 137

Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 337

Data breaches Risk Passwords Government 337

Security Affairs

FEBRUARY 4, 2025

Online food ordering and delivery platform GrubHub suffered a data breach that exposed the personal information of drivers and customers. This week the online food ordering and delivery firm GrubHub disclosed a data breach that exposed customer and driver information.

Data breaches 116

Data breaches Passwords Accountability Hacking 116

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 131

Healthcare Data breaches Passwords Identity Theft 131

Troy Hunt

JUNE 24, 2024

I've been harbouring some thoughts about the state of data breaches over recent months, and I feel they've finally manifested themselves into a cohesive enough story to write down. That's who the board is accountable to, and maintaining the corporate reputation and profitability of the firm is their number one priority.

Data breaches 343

Data breaches Identity Theft InfoSec Accountability 343

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. The company disclosed a data breach that exposed customers’ personal information. ” reads the data breach notification letter shared with Maine Attorney General.”Out

Data breaches 110

Data breaches Banking Insurance Hacking 110

Malwarebytes

APRIL 15, 2025

The Hertz Corporation, on behalf of Hertz, Dollar, and Thrifty brands, is sending breach notifications to customers who may have had their name, contact information, driver’s license, andin rare casesSocial Security Number exposed in a data breach. Check the vendors advice. Consider not storing your card details.

Data breaches 120

Data breaches Ransomware B2B Passwords 120

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. “An unknown third-party has claimed to have accessed data linked to parts of our systems. The ransomware group has since leaked the stolen data on its dark web leak site.

Data breaches 107

Data breaches Telecommunications Financial Services Mobile 107

Troy Hunt

JUNE 3, 2020

Less than 3 weeks ago I wrote about The Unattributable "db8151dd" Data Breach which, after posting that blog post and a sample of my own data, the community quickly attributed to Covve. Many of the other records also contain WHOIS information, but then many others don't.

Data breaches 363

Data breaches B2B Marketing Accountability 363

Troy Hunt

AUGUST 13, 2024

I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Let's start with the easy bit - who is National Public Data (NPD)? Every person who used some sort of data opt-out service was not present.

Data breaches 364

Data breaches Insurance Identity Theft Accountability 364

Security Affairs

DECEMBER 18, 2024

Meta has been fined 251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta 251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. Rosen added.

Data breaches 106

Data breaches Accountability Risk Advertising 106

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. As part of the investigation, we engaged leading third-party cybersecurity experts experienced in handling these types of incidents.

Data breaches 118

Data breaches Insurance Healthcare Ransomware 118

Security Affairs

APRIL 11, 2025

Laboratory Services Cooperative discloses a data breach from October 2024 that exposed personal and medical info of 1.6 Laboratory Services Cooperative disclosed a data breach that impacted the personal and medical information of 1.6 “The specific information involved is not the same for everyone.”

Data breaches 97

Data breaches Insurance Banking Accountability 97

Heimadal Security

MARCH 20, 2025

In early 2024, background checking service National Public Data was hit by a massive cyberattack that potentially compromised the sensitive, personal information of millions, or possibly even billions, of people around the world, including U.S. residents. A year later, new security threats have gained traction.

Data breaches 103

Data breaches Artificial Intelligence Accountability Cybersecurity 103

Security Affairs

MAY 15, 2025

Coinbase said rogue contractors stole data on under 1% of users and demanded $20M; the data breach was disclosed in an SEC filing. On May 11, 2025, the company received a ransom demand from a threat actor claiming to have customer and internal data. ” reads the filing with SEC. The final impact remains under review.

Data breaches 87

Data breaches Banking Accountability Retail 87

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. Grubhub detected unusual activity within its environment, later traced to an account associated with a third-party service provider used for customer support. What happened?

Data breaches 93

Data breaches Accountability Social Engineering Risk 93

Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. The attacker may have accessed over three million files containing personal information. These data brokers gather information from several sources and sell them on to interested buyers.

Data breaches 115

Data breaches Passwords Phishing Password Management 115

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. Image: customink.com In a filing today with the U.S. 25, 2022.

Mobile 339

Mobile Accountability Data breaches Identity Theft 339

Krebs on Security

AUGUST 16, 2022

This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. That same month, they also sold data on 1.4 “We ask you to remove this post containing Banorte data. million customers of Mexican lending platform Yotepresto.

Data breaches 328

Data breaches Banking Cybercrime Marketing 328

Security Affairs

JANUARY 3, 2025

“Our investigation was done in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been compromised because of the incident. ” reads the incident notice published by the RUMC.

Data breaches 78

Data breaches Ransomware Insurance Healthcare 78

The Last Watchdog

JANUARY 18, 2022

This conclusion is derived from an analysis of data taken from our data breach detection tool, Surfshark Alert , which comprises publicly available breached data sets to inform our users of potential threats. Data associations to specific breach instances are only stipulated. million). •Q1

Data breaches 279

Data breaches VPN Internet Internet 279

Krebs on Security

AUGUST 16, 2021

” The intrusion came to light on Twitter when the account @und0xxed started tweeting the details. Reached via direct message, Und0xxed said they were not involved in stealing the databases but was instead in charge of finding buyers for the stolen T-Mobile customer data. WHO HACKED T-MOBILE?

Mobile 338

Mobile Data breaches Accountability Wireless 338

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Check the vendors advice.

Accountability 100

Accountability Data breaches Passwords Phishing 100

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 97

Data breaches Identity Theft Consumer Protection Data collection 97

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Security Affairs

DECEMBER 29, 2024

notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce.

Data breaches 83

Data breaches Computers and Electronics Hacking Wireless 83

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment.

Accountability 351

Accountability Hacking Scams Media 351

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. The seller also published a sample of the stolen data and some screenshots. Free S.A.S.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Security Boulevard

APRIL 7, 2025

In recent months, the fallout from the 23andMe data breach has offered a sobering reminder of the real-world implications of poor data securityand the profound responsibility companies bear when entrusted with sensitive consumer information.

Data breaches 59

Data breaches Accountability 59

Webroot

APRIL 22, 2025

Whether its an email address, a credit card number, or even medical records, your personal information is incredibly valuable in the wrong hands. Because whether you know it or not, many companies are collecting and storing your private data. billion people received notices that their information was exposed in a data breach.

Data breaches 75

Data breaches Identity Theft Passwords eCommerce 75

Security Affairs

APRIL 18, 2025

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. A review was initiated to determine if any personal information was included in those files and to whom that personal information pertains.”

Data breaches 105

Data breaches Identity Theft Accountability Technology 105

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking 249

Hacking Cybercrime Advertising Data breaches 249

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. The attack was later claimed by the Rhysida ransomware group on their leak site, where the group posts information about victims that are unwilling to pay.

Data breaches 130

Data breaches Passwords Ransomware Phishing 130

Security Affairs

MAY 15, 2025

Nova Scotia Power confirmed a data breach involving the theft of sensitive customer data after the April cybersecurity incident. This week, the company disclosed a data breach after the April security incident and revealed that threat actors stole sensitive customer data. Nova Scotia Power Inc.

Data breaches 73

Data breaches Energy and Utilities Accountability Insurance 73