All news with #breach tag

🔒 Aura confirmed an unauthorized party accessed nearly 900,000 records containing names and email addresses after a voice‑phishing attack targeted an employee. The company says the data came from an inherited marketing tool tied to a 2021 acquisition and affected roughly 20,000 current and 15,000 former customers, while noting Social Security numbers, account passwords, and financial data were not exposed. Have I Been Pwned added the leak to its database and observed customer service comments and IP addresses among the files. Aura is conducting an internal review with external experts, has notified law enforcement, and plans to send personalized notifications to affected individuals.

🕵️ The FBI’s Seattle Division is asking gamers who unintentionally downloaded malware via the Steam platform to assist an ongoing investigation into a campaign active between May 2024 and January 2026. Investigators say several titles — including BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova — have been identified as distribution points and are requesting affected users complete a short questionnaire. The FBI is collecting information on pre- and post-download communications, financial losses, and crypto wallet or bank account details; responses are voluntary, may result in follow-up contact, and victims’ identities will be kept confidential.

🛡️ Poland’s National Centre for Nuclear Research (NCBJ) says its IT infrastructure was targeted by a cyberattack that was detected and blocked before causing any impact. Security systems and internal procedures enabled rapid containment, and the institute reports that the MARIA research reactor was unaffected and continues to operate safely. Authorities have been notified and an investigation is underway.

🔒 Starbucks disclosed a data breach that exposed personal and financial information from Starbucks Partner Central accounts belonging to employees. The company says it discovered unauthorized access on February 6 after threat actors obtained login credentials via websites impersonating Partner Central, compromising 889 accounts. Exposed data may include names, Social Security numbers, dates of birth, and bank account/routing numbers. Starbucks notified law enforcement and is providing two years of Experian identity and credit monitoring to affected partners.

🔒 Telus Digital, a BPO provider to global clients, is investigating a significant cybersecurity incident after extortion group ShinyHunters claimed to have exfiltrated up to one petabyte of data. The company says core operations and customer connectivity remain unaffected and that it has engaged leading forensics teams and law enforcement. Early indications point to abuse of legitimate access rather than an obvious malware intrusion, and Telus is notifying affected customers and implementing additional safeguards.

🔒 Loblaw Companies Limited has detected an intrusion into a contained, non-critical portion of its IT network and confirmed that a criminal third party accessed basic customer information. The exposed data includes names, phone numbers, and email addresses, which could be used for phishing and fraud. Loblaw says there is no evidence that financial information, health data, or account passwords were compromised and that PC Financial has not been impacted. The company has automatically logged customers out, urges users to sign in again and change passwords, and continues to investigate.

🔒 England Hockey is investigating claims that the AiLock ransomware gang stole approximately 129GB of data and listed the organization on its leak site, threatening to publish files unless a ransom is paid. The governing body says it has prioritized an inquiry involving internal teams, external specialists, and cooperation with law enforcement. England Hockey cannot yet provide specifics while the investigation continues and urges members to remain vigilant for phishing and suspicious account activity.

🔒 Ericsson Inc. disclosed a data breach impacting 15,661 employees and customers after a third-party service provider detected suspicious activity and identified possible unauthorized access to stored files. Investigators say files may have been accessed between April 17 and April 22, 2025, and the incident was detected on April 28, 2025; a detailed review completed on February 23 confirmed exposure of personal information. The types of data potentially exposed include names, addresses, Social Security numbers, driver’s licence or government ID numbers, financial and medical information. Ericsson notified the FBI, filed state breach notices, did not name the vendor, and is offering complimentary identity protection services through IDX to affected individuals.

🔒 Ericsson Inc.'s U.S. subsidiary disclosed that attackers stole personal data for an undisclosed number of employees and customers after a breach at a third‑party service provider detected on April 28, 2025. The provider's investigation found files were accessed between April 17 and April 22, 2025, and a review completed on February 23, 2026 identified exposed personal information. Ericsson says it has not seen evidence of misuse and is offering free IDX identity protection and monitoring to affected individuals, with enrollment open through June 9, 2026.

🔒 TriZetto Provider Solutions (TPS) has reported a breach that impacted more than 3.4 million individuals after suspicious activity was detected in a customer-facing web portal on 2 October 2025. TPS confirmed that no payment card or bank account data were taken, but said names, addresses, dates of birth, Social Security numbers and health insurance identifiers may have been accessed. The company, owned by Cognizant, says it is working with law enforcement, has implemented additional security measures and is offering credit monitoring to those affected.

🚨 The FBI has acknowledged a suspected intrusion on a network used to manage wiretaps and foreign intelligence surveillance warrants, telling CNN it "identified and addressed suspicious activities" and leveraged technical capabilities to respond. The agency provided limited detail, prompting concerns about potential state-linked actors such as China. Past FBI IT security problems and a reported February 2023 field office breach have heightened scrutiny.

🚨 The U.S. Federal Bureau of Investigation confirmed it is investigating a breach that affected systems used to manage surveillance and court-authorized wiretap warrants. The agency said it identified and addressed suspicious activity on FBI networks and has leveraged technical capabilities to respond, but declined to provide details on scope or impact. CNN reported an anonymous source saying the intrusion affected systems supporting wiretapping and foreign surveillance. Security observers note similarities with prior activity attributed to the state-linked group Salt Typhoon.

🔒 John Daghita, a U.S. government contractor and son of CMDSS's CEO, was arrested on Saint Martin after a joint operation by the FBI and France's elite Gendarmerie unit. He is accused of stealing more than $46 million in cryptocurrency seized and managed by the U.S. Marshals Service, including funds tied to the 2016 Bitfinex hack. Authorities seized cash, hard drives, and security keys, and investigators say public blockchain analysis played a key role in identifying him.

🔓AkzoNobel confirmed a security incident at a U.S. site after the Anubis ransomware group posted a partial data leak. The company says the intrusion was contained locally and the impact is limited, and it is notifying and supporting affected parties. Anubis claims about 170GB and nearly 170,000 files were stolen, including confidential agreements and passport scans.

🚨 Amazon has confirmed that drone strikes damaged three AWS data centers in the United Arab Emirates and one in Bahrain, causing an ongoing outage that is affecting dozens of cloud services. The attacks caused structural and power damage and triggered fire suppression that resulted in additional water damage. Amazon is restoring physical infrastructure while pursuing software-based recovery paths and advising customers to back up and migrate workloads to unaffected regions.

🚨 A 22-year-old Alabama man, Jamarcus Mosley, pleaded guilty to federal extortion, cyberstalking, and computer fraud charges after hijacking social media accounts belonging to hundreds of young women, including minors. Between April 2022 and May 2025 Mosley impersonated friends and used social engineering to obtain account recovery codes and passwords, then threatened to publish private nude images unless victims paid, sent more explicit content, or surrendered access to other accounts. Sentencing is scheduled for May 27.

🛠️ ManoMano has notified customers that a security incident tied to a third‑party customer service subcontractor resulted in the unauthorized extraction of personal data for approximately 38 million individuals. Exposed information reportedly varies by interaction and may include full name, email address, phone number, and customer service communications; no account passwords were accessed. Identified in January 2026, ManoMano says it revoked the subcontractor’s access, strengthened controls, informed regulators, and is advising customers to remain vigilant against phishing and social engineering.

🔒 Advantest Corporation reported that its corporate network experienced a ransomware intrusion detected on February 15, prompting immediate isolation of affected systems and the engagement of third-party cybersecurity specialists. Preliminary findings indicate an unauthorized party may have deployed ransomware in portions of the network, though no data theft has been confirmed. The company says it will notify and advise any customers or employees if their information is determined to be impacted. The investigation is ongoing and, to date, no ransomware group has claimed responsibility.

🔒 Three former Google engineers and one spouse were indicted in U.S. federal court for allegedly stealing trade secrets and transferring sensitive files, including materials related to Google's Tensor processor, to unauthorized locations reportedly including Iran. The defendants — Samaneh Ghandali, Mohammadjavad Khosravi and Soroor Ghandali — are accused of exfiltrating documents to third‑party channels, copying files to personal and employer devices, and concealing their actions. They were arrested in San Jose after Google detected suspicious activity and notified law enforcement; the indictment carries multiple counts with significant prison and fine exposures.

🔒 A Nigerian national, Matthew Abiodun Akande, was sentenced to eight years in prison after hacking multiple Massachusetts tax preparation firms and filing over 1,000 fraudulent tax returns seeking more than $8.1 million in refunds. Authorities say he stole clients' Social Security numbers and prior-year tax data by deploying the Warzone RAT masked with a crypter, and used convincing CEO-impersonation phishing messages with a Dropbox link to silently install malware. Akande was arrested in October 2024 at London’s Heathrow Airport, extradited to the U.S. in March 2025, and ordered to pay nearly $1.4 million in restitution plus three years of supervised release.