< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles

Dormant GitHub Accounts Exploited to Scrape Orgs

🔎 Datadog Security Labs warns of coordinated campaigns using dormant or compromised GitHub accounts and exposed personal access tokens to enumerate organizations via the GitHub API. Operators use automated scraping tools, aged "ghost" accounts, and legitimate-sounding user agents to blend into normal API traffic, primarily collecting public data but occasionally cloning private repositories. The activity leverages unauthenticated API surfaces and GraphQL queries to map repos, memberships, followers, and other artifacts for reconnaissance.
read more →

AssuranceAmerica breach exposes millions of driver records

🔒 AssuranceAmerica disclosed a data breach impacting 6,998,886 individuals after detecting suspicious activity on March 17, 2026. The incident began with a targeted attack on an employee that allowed unauthorized access and copying of data files. Stolen records include names, contact details, policy and claims information, driver and vehicle data, and driver's license numbers. The insurer has disabled compromised credentials, isolated affected systems, notified law enforcement, and strengthened security controls.
read more →

Mount Royal University confirms data breach incident

🔒 Mount Royal University in Calgary reported a cyberattack on June 17 that disrupted online services and internal systems, and led to theft and deletion of files from university storage drives. External cybersecurity experts have been engaged to investigate and assist recovery efforts. The attackers claimed responsibility as CMD Organization, posted samples of stolen documents, and demanded a 30 BTC ransom. MRU is notifying affected individuals and offering credit monitoring for certain employees.
read more →

KDDI breach exposes millions of email accounts

📧 KDDI, Japan's second-largest telecom, disclosed a breach of an email platform used by five ISPs that exposed millions of email addresses and passwords. The company detected the incident on June 17 and says attackers exploited a zero-day in third-party software on May 16. KDDI reported up to 14.22 million affected accounts, with 12.23 million email addresses and 7.62 million passwords exposed, and is forcing password changes and deploying EDR.
read more →

Accenture confirms breach after hacker offers data

🔒 Accenture has acknowledged an isolated security breach after a threat actor claimed to have stolen 35 GB of source code and related data and tried to sell it on a cybercrime forum. The company said it has remediated the issue and that there is no impact to Accenture operations or service delivery. The attacker, operating as "888," posted claims of exfiltrated source code, keys, tokens, and configuration files and shared a screenshot of an Azure DevOps repository clone. Accenture did not confirm the extent of the accessed data, how access occurred, or whether customer data was affected.
read more →

Vietnam arrests suspects behind major anime piracy

🔒 Vietnamese authorities have arrested seven suspects alleged to have operated HiAnime, the largest anime piracy streaming service before its June shutdown. The group faces charges of copyright infringement and money laundering after reportedly posting over 26,000 pirated anime titles across 100+ sites and earning about $12.85 million in illegal ad revenue. The Alliance for Creativity and Entertainment (ACE) and U.S. partners assisted the multi-year investigation.
read more →

SaaS single points of failure threaten campuses

📘 Higher education now runs core academic operations on a few massive SaaS platforms, creating systemic single points of failure. When a major LMS was breached during finals week 2026, campuses lost access to rosters, grade books and coursework despite SLAs and certifications. The author argues IT must architect independent, read-only continuity layers synchronized from source systems to maintain operations during vendor outages or attacks.
read more →

FortiBleed ties stolen Fortinet credentials to ransomware

🛡️ SOCRadar links the FortiBleed credential-theft campaign to the INC and Lynx ransomware operations after finding a Windows server used by FortiBleed that contained access to ransomware negotiation panels. Investigators discovered FortiGate configuration files, harvested credentials, and a custom "FortiGate Sniffer" tool that intercepted VPN and authentication data. The operation targeted hundreds of thousands of devices and deployed sniffers on thousands, with ongoing investigation into additional servers, a suspected Nextcloud zero-day, and overlapping victim data.
read more →

Kubota reports month-long network intrusion affecting employees

🔒 Kubota North America disclosed that a threat actor accessed parts of its network from March 16 to April 20, exposing personal data for employees and dependents. The company says exposed information may include names, Social Security numbers, dates of birth, tax IDs, driver’s license numbers, bank account and corporate card details, and limited benefits claims. Notifications were sent starting June 30 with instructions to enroll in Kroll identity protection and guidance to monitor accounts; Kubota has enacted additional security measures and has not reported business disruptions.
read more →

FTC fines Amazon for withholding fraud victims’ records

🔎 The FTC says Amazon will pay a $2.25 million penalty after allegedly blocking identity-theft victims from obtaining transaction records required under Section 609(e) of the FCRA. The complaint claims Amazon customer service denied record requests citing "privacy" or "security," often delivered records after the 30-day statutory window, and sometimes refused law enforcement requests. The order requires Amazon to provide requested records within 30 days and notify affected consumers who previously requested records since April 2024.
read more →

Aflac Japan Confirms Major Customer Data Breach

🛡️ Aflac Japan disclosed a data breach after an unauthorized third party accessed systems between June 15 and June 25. The company reported that impacted files may include policy and coverage details, personal data, and bank account information, and said US systems were not affected. Some customer services were taken offline while calls and other channels continue to support claims. Authorities have been notified and no misuse has yet been confirmed.
read more →

Aflac Japan breach exposes policy and bank data

🔒 Aflac disclosed that attackers accessed systems at its wholly owned Japan subsidiary between June 15 and June 25, 2026, prompting suspension of certain systems while operations continue. The insurer is working with external cybersecurity experts, has notified Japanese regulators, and will inform affected individuals. Aflac said U.S. systems were not accessed and the full scope of the incident remains under investigation.
read more →

Nissan reports employee data breach after PeopleSoft zero-day

🔒 Nissan has disclosed a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability tied to a wider campaign. The automaker says the incident may have exposed contact, financial, tax, and identification details and impacts employees in the US, Canada, Mexico, and Brazil. Nissan has engaged external cybersecurity experts, restricted certain payroll functions, and will offer monitoring services to affected individuals while working with Oracle on remediation.
read more →

NAIC Confirms PeopleSoft Breach Exposes Credit Data

🔒 The US National Association of Insurance Commissioners (NAIC) disclosed a security breach detected on June 11 and revealed on June 17 that an unauthorized actor exploited a zero-day in Oracle PeopleSoft to access parts of its environment. The attacker obtained and published some statutory financial reporting and credit rating agency data, and possibly routine technical files. NAIC says personal, payment, and several regulatory system records were not compromised and operations are largely restored.
read more →

Cyber Risks and Privacy Threats Around World Cup 2026

🛡️ The 2026 FIFA World Cup presents an unprecedented cyberattack surface across three host countries, with illegal streaming and black-market gambling exposing viewers to significant risks. UpGuard researchers found publicly exposed log systems containing plain-text credentials, IP addresses, and betting details tied to pirate streams and offshore bookmakers. Law enforcement and international operations are disrupting many servers, but resilient criminal networks continue to adapt and monetize audiences via unregulated gambling.
read more →

KDDI breach may expose millions of ISP email logins

📧 KDDI Corporation disclosed a breach affecting an email system shared with five Japanese ISPs after discovering unauthorized access on June 17. The company attributes the intrusion to a vulnerability in unnamed third-party software and says it immediately blocked the attacker and implemented defenses. Up to 14.22 million current, former, and inactive customer email addresses and passwords may have been exposed, though some credentials were stored hashed or encrypted. KDDI is notifying regulators and working with affected ISPs while advising customers to reset passwords and enable 2FA where possible.
read more →

AI Adoption Is Accelerating Risks for SMEs

🔒 Small and mid-sized businesses are rapidly adopting AI, often ahead of large enterprises, and this pace is outstripping their ability to govern associated cyber risks. Shadow AI—employees using public tools without oversight—exposes customer data, financial records, and intellectual property, while attackers increasingly exploit these weaker links in supply chains. The author urges owners and CFOs to map AI use, restrict sensitive data, treat AI access like hires, and engage advisors who can secure AI adoption effectively.
read more →

One Million Passports Exposed in Data Leak

🔐 A database containing nearly one million passport records from multiple countries was leaked online. The incident highlights how high-value credentials like passports can be compromised when reused within lower-security systems; in this case, an ID verification service used by cannabis dispensaries was breached. The exposure demonstrates the cascading risk when sensitive identity documents are trusted by ancillary services with weaker protections.
read more →

CMC analysis of Canvas incident impacts education

🔍 The UK Cyber Monitoring Centre (CMC) has published its review of the Canvas incident affecting Instructure’s Learning Management System, finding ~160 UK higher education institutions impacted and around 9,000 worldwide. The analysis highlights that financial losses arose mainly from response, recovery and risk management rather than prolonged outage. The CMC reinforced best-practice recommendations for the sector, including MFA enforcement, separation of application and data layers, careful third‑party control and clearer vendor communication.
read more →

DraftKings hacker 'Snoopy' sentenced to 18 months

🔒 A 21-year-old known as "Snoopy" was sentenced to 18 months in prison after pleading guilty to conspiracy to commit computer intrusion for his role in the November 2022 DraftKings account takeover. The attacker and co-conspirators compromised roughly 60,000 user accounts, added payment methods to 1,600 accounts, and stole $600,000. Authorities linked the scheme to online marketplaces and seller shops that trafficked access to stolen accounts.
read more →