All news with #breach tag

🔓 Nissan confirmed that personal data for about 21,000 customers who purchased vehicles or received services at Nissan Fukuoka was exposed after a September breach of Red Hat's development environment. Leaked fields include full names, physical addresses, phone numbers, email addresses and sales-related customer data; no financial or credit card data were affected. Nissan says it has no evidence the data have been misused.

🔒 DXS International said it discovered a cyber-attack on 14 December that affected its office servers and disclosed the incident to the London Stock Exchange on 18 December. The company reported minimal impact, with front-line NHS clinical services remaining operational, and said it contained the breach and is investigating with NHS England and an external cybersecurity specialist. A threat actor calling itself Devman has claimed to have stolen 300GB and threatened to publish data on 20 December; that claim remains unconfirmed.

🔒 Danish intelligence (DDIS) attributed a destructive cyberattack on a water utility to Russian-linked actors, identifying Z-Pentest as responsible for the sabotage and NoName057(16) for election-period DDoS operations. The agency said these actions are part of Moscow's broader hybrid campaign to punish countries supporting Ukraine. Officials will summon the Russian ambassador and warned the attacks undermine public security.

🔒 The University of Sydney reported unauthorized access to an online code repository that resulted in the theft of files containing personal information for more than 27,000 individuals. The breach affected current and former staff, students and alumni and included names, dates of birth, contact details and job information. The university says it detected the incident last week, blocked the access, notified regulators and launched support and notification processes for impacted people.

🛑 Law enforcement seized servers and domains of the E-Note cryptocurrency exchange, accused of laundering more than $70 million originating from ransomware attacks and account takeovers. Authorities confiscated e-note.com, e-note.ws and jabb.mn, removed mobile apps, and obtained customer databases and transaction records. The DOJ has indicted Russian national Mykhalio Petrovich Chudnovets on one count of money laundering conspiracy; he faces up to 20 years in prison but has not been arrested. The seized records may help identify additional cybercriminals and the network of money mules used to move and convert illicit funds.

🔒 LKQ has confirmed a cyber-attack targeting its Oracle E-Business Suite environment that exposed personal information for more than 9,070 individuals. The company reports the intrusion occurred on August 9 and was discovered on October 3, with a detailed data analysis finalised on December 1 and notifications sent on December 15. Compromised items include LKQ Employer Identification Numbers and Social Security numbers; LKQ took the EBS environment offline, engaged an external forensic firm, and is offering two years of complimentary credit monitoring and identity restoration through Cyberscout (a TransUnion company). LKQ says it has implemented additional safeguards, strengthened security monitoring, and reinforced policies and controls.

🛢️ Petróleos de Venezuela (PDVSA) reported a weekend cyberattack it says was restricted to administrative systems and did not affect operational areas, asserting continuity via secure protocols. Despite that assertion, internal memos and multiple sources cited by Bloomberg and Reuters indicate staff were ordered to disconnect and that systems managing the main crude terminal remained offline. PDVSA publicly blamed the United States and domestic conspirators for the incident.

🔒 700Credit, a Michigan fintech serving more than 20,000 car dealerships, disclosed a breach affecting 5.8 million customers. The company said a misconfigured API allowed unauthorized copying of records between May and October, exposing names, addresses and Social Security numbers. Discovered on October 25, 700Credit engaged cybersecurity experts who found activity limited to the 700Dealer.com application layer and reported no evidence of identity theft. Affected individuals are being offered 12 months of TransUnion identity protection and credit monitoring at no cost.

🔒 SoundCloud confirmed a security breach that triggered recent outages and prevented many users from accessing the site via VPN, producing 403 "forbidden" errors. The company says a threat actor accessed an ancillary service dashboard and stole a database containing limited data—primarily email addresses and information already visible on public profiles—and that no passwords or financial data were taken. SoundCloud says it has blocked unauthorized access, engaged outside security experts, and implemented additional controls; however, a configuration change disrupted VPN connectivity and the platform also experienced denial-of-service attacks during the response.

🔒 Askul Corporation confirmed that the RansomHouse extortion group stole approximately 740,000 customer and partner records during an October ransomware incident. Compromised data types include business and individual customer service records, partner data, and employee information. Askul says attackers likely used compromised administrator credentials for an outsourced partner that lacked MFA, disabled EDR, moved laterally, deployed multiple ransomware variants, and wiped backups. The company has isolated affected networks, enforced MFA, reset admin passwords, begun individual notifications and established long-term monitoring.

🔒 Pornhub says it is being extorted by the ShinyHunters gang after the group claimed to have stolen 201,211,943 historical analytics records tied to Premium members. The sample data reportedly includes email addresses, search and watch activity, video URLs, video names, keywords, locations and timestamps. Pornhub says passwords and payment details were not exposed and that it has not worked with Mixpanel since 2021. Mixpanel disputes that the files were taken during its November 2025 incident.

🛡️ Asahi Group Holdings is accelerating a major cybersecurity overhaul after a ransomware attack in late September that exposed personal data for around two million people and disrupted operations. CEO Atsushi Katsuki told Bloomberg he will elevate cybersecurity to a top management priority and is considering a dedicated internal cybersecurity unit. The company plans to abandon VPNs in favor of a stricter zero-trust model and expects recovery and reconstruction efforts to run through February 2026.

🔒 A 19-year-old suspect in Igualada, Barcelona, was arrested after authorities linked him to breaches at nine companies and the theft of 64 million private records. Police say the dataset included full names, home addresses, email addresses, phone numbers, DNI numbers and IBAN codes that the suspect attempted to sell on hacker forums using multiple accounts and pseudonyms. Officers seized computers and cryptocurrency wallets believed to hold proceeds from the sales; the investigation began in June. Separately, Ukrainian police arrested a 22-year-old who used custom malware and a 5,000-account bot farm to compromise and sell social media access.

🔒 Marquis Software Solutions confirmed a breach affecting more than 780,000 individuals after attackers exploited a SonicWall firewall vulnerability on 14 August. The company shut down affected systems and engaged external cybersecurity specialists; a late-October review found unauthorized actors copied files containing personal and financial data from certain business customers. Marquis is offering free credit monitoring and has implemented multiple security controls while its investigation continues, and it reports no evidence so far that the stolen data has been posted online.

🔓 Coupang, South Korea's largest retailer, disclosed a data breach that exposed personal information for 33.7 million customer accounts. The company says the incident occurred on June 24, 2025, but was discovered and investigated beginning November 18, 2025. Exposed fields include full names, phone numbers, email and physical addresses, and order details; payment data and passwords were not affected. Coupang reported the incident to national authorities and warned customers to watch for impersonation attempts.

⚠️ Coupang has confirmed unauthorized access to delivery-related personal information affecting an estimated 33.7 million customers, including names, email addresses and phone numbers. The company says payment details and login credentials were not accessed, and it has blocked the access route and strengthened internal monitoring. Seoul police have identified a suspect, believed to be a former employee who has left South Korea, and are analysing server logs while tracking an IP address tied to the incident.

🔒Asahi Group Holdings confirmed a ransomware-driven data breach discovered in September that affected up to 1.9 million people. The company says personal information including names, genders, addresses, phone numbers and email addresses was exfiltrated, and the Qilin ransomware group claimed responsibility and published sample files. Production and shipping were suspended during the incident and system restoration is ongoing. Asahi reports no payment card data was exposed and has opened a dedicated contact line for affected individuals.

🚨 Crisis24 confirmed its CodeRED emergency-notification platform was breached, disrupting alerts for state and local governments, police, and fire agencies nationwide. The company decommissioned the legacy environment and is rebuilding from a March 31, 2025 backup, so recent accounts may be missing. Crisis24 says the incident was contained to CodeRED, but names, addresses, emails, phone numbers and passwords were stolen; no public posting has been confirmed.

🔒 Mainz University of Applied Sciences reported a cyberattack on Monday, 24 November, and has shut down all IT systems. The university says most services are unavailable while IT teams and investigative authorities analyse the threat and potential damage. A crisis team was mobilised to maintain essential operations, but restoration timelines remain uncertain. No further details have been released and it is unclear how the attackers gained access.

🔒 Two British teenagers, identified by authorities as suspected members of the Scattered Spider collective, have pleaded not guilty to computer misuse and fraud-related charges at Southwark Crown Court. The charges stem from an August 2024 breach of Transport for London (TfL) that disrupted online services, caused millions in losses, and later was found to have exposed customer names, addresses, and contact details. Arrested in September 2024 by the NCA and City of London Police, the defendants face additional alleged conspiracies involving US healthcare networks and separate counts tied to seized passwords.