< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 10 of 40

Drift Loses $280M as North Korean Hackers Seize Council

🔒Drift Protocol lost at least $280 million after an attacker seized administrative control of its Security Council and drained protocol funds. Blockchain intelligence firms Elliptic and TRM Labs linked the operation to North Korean actors, citing on-chain tradecraft such as Tornado Cash use, CarbonVote timing, cross-chain bridging, and rapid laundering. Drift says no smart contract bugs or seed phrases were compromised; core functions are frozen while investigations continue.
read more →

Smashing Security #461: Lost $400M Bitcoin, Ajax Breach

🎣 In episode 461 of Smashing Security, host Graham Cluley and guest Danny Palmer discuss a remarkable Bitcoin mystery: an Irishman who converted drug proceeds into BTC in 2011 now allegedly controls $400 million, but the access codes were hidden in a fishing-rod case that disappeared — until one frozen wallet unexpectedly moved $35 million. The episode also covers a major data breach at Ajax Football Club that may have exposed the personal details of around 300,000 supporters, enabling ticket theft and manipulation of stadium ban lists. Additional topics include an Iran-linked compromise of the FBI director’s personal email, reliability differences between Windows and macOS, and a UK court case in which CCTV footage was used in a crypto theft claim.
read more →

Hackers Target Iranwire Exile Portal, Judiciary Reports

🛡️According to the Iranian judiciary's mouthpiece Misan, the exile news portal Iranwire was allegedly breached and a large volume of sensitive material was taken, including correspondence, staff lists, informant identities and other highly confidential records. The site displayed a maintenance notice while continuing to post on social media, and authorities blamed the hacker group Handala, which has been linked to prior operations.
read more →

Cisco Source Code Stolen After Trivy Supply-Chain Breach

🔐 Cisco has confirmed a breach of its internal development environment after threat actors leveraged credentials stolen in the recent Trivy supply-chain compromise. Attackers used a malicious GitHub Action to harvest CI/CD credentials and clone more than 300 repositories, including source for AI-powered products and some customer code. Multiple AWS keys were also taken and used in limited unauthorized activity. Cisco has isolated affected systems, begun reimaging, and is rotating credentials while investigating ongoing fallout tied to related supply-chain attacks.
read more →

Employee Data Breaches Reach Seven-Year High in UK

🔒 New analysis from law firm Nockolds shows employee data breaches reported to the UK Information Commissioner’s Office reached 3,872 incidents in 2025, a 5% year‑on‑year increase and about 29% above the 2019 baseline of 3,010. The report highlights a divergence in incident types: cyber-related breaches fell 6% to 1,568, while non-cyber incidents rose 15% to 2,304. Nockolds principal associate Joanna Sutton attributes the shift to hybrid working and gaps in physical and procedural safeguards, and urges closer collaboration between HR and security teams to improve training, policies and risk controls.
read more →

Hacker Charged After $53M Theft From Uranium Exchange

🔒 U.S. prosecutors have charged 36-year-old Jonathan Spalletta, known online as 'Cthulhon' and 'Jspalletta', with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering proceeds through a cryptocurrency mixer. The indictment alleges he abused multiple smart contract coding flaws in April 2021 to drain liquidity pools and extorted a sham bug bounty. A 2025 search recovered high-value collectibles and about $31 million in cryptocurrency; Spalletta faces computer fraud and money laundering counts that carry substantial prison terms.
read more →

Dutch Finance Ministry Shuts Treasury Portal After Breach

🔒The Dutch Ministry of Finance has taken several systems offline, including its digital portal for treasury banking, while investigating a security breach first detected on March 19. Around 1,600 public institutions are currently unable to view treasury balances or use portal services, though participants retain full access to funds and incoming/outgoing payments continue through regular banking channels. The ministry is working with the NCSC, external forensic specialists, and the national police; no data theft or responsible threat actor has been publicly confirmed.
read more →

CareCloud: Hackers Access Patient Records During Outage

🔒 CareCloud disclosed a cybersecurity incident on March 16 that caused a temporary network disruption and limited access to one of its six electronic health record (EHR) environments for approximately eight hours. The company engaged its cyber insurance carrier and a Big Four cyber response advisory team to perform forensic work and secure the environment. CareCloud says the attacker no longer has access, but the scope of exposed patient data and the number of impacted individuals remain under investigation.
read more →

Lloyds Glitch Exposed Personal Data of 447,936 Customers

⚠️ A software defect introduced during a routine overnight update on 12 March at Lloyds Banking Group briefly exposed transactions and account information belonging to as many as 447,936 customers across Lloyds, Halifax and Bank of Scotland mobile apps. Approximately 114,182 users clicked transactions that displayed other customers' details, which could include payment references and national insurance numbers. The bank reported the issue to regulators within required timeframes, paid £139,000 to 3,625 customers in compensation, and said it found no evidence of financial loss or fraud.
read more →

European Commission Confirms Cloud Infrastructure Breach

🔐The European Commission has confirmed a cyber-attack affecting cloud infrastructure that hosts the Europa.eu platform and says early findings indicate data were taken. The incident was detected on March 24 and announced on March 27; containment and forensic measures were deployed while internal systems reportedly remained unaffected. Screenshots and claims from ShinyHunters allege a roughly 350GB haul including mail servers, databases, NextCloud content and employee PII, and researchers warn the compromise could expose DKIM keys, SSO directories and other sensitive assets.
read more →

European Commission Confirms Data Breach at Europa.eu Hack

🔒 The European Commission has confirmed a data breach after its Europa.eu web platform was compromised in an attack claimed by the ShinyHunters extortion group. The intruders reportedly accessed at least one AWS account and exfiltrated hundreds of gigabytes, though the Commission says its internal systems were not affected. Authorities have been notified and an investigation is ongoing to determine the full impact.
read more →

FBI Confirms Hack of Director Kash Patel's Email Inbox

📧 The FBI confirmed that the Iran-linked Handala group breached the personal Gmail account of Director Kash Patel and published watermarked photos, documents, and email correspondence. The bureau said the material appears historical, is not recent, and does not include government information. The FBI added it has taken precautions to mitigate potential fallout. Handala claimed the attack was retaliation after domain seizures and a $10 million reward.
read more →

Iran-linked Handala Hackers Leak FBI Director's Emails

🔒 Threat actors linked to Iran's MOIS claimed they breached the personal email account of FBI Director Kash Patel and published a cache of photos and historical emails. The FBI confirmed Patel's emails were targeted, said necessary mitigations were enacted, and characterized the released material as historical and not government information. Security firms attribute the campaign to the Handala Hack persona, which relies on compromised VPN accounts, RDP lateral movement, and destructive wipers, prompting Microsoft and CISA guidance to harden Intune and enforce phishing‑resistant MFA.
read more →

European Commission Data Stolen in Cloud Infrastructure

🔒 The European Commission is investigating a cyberattack on its Europa.eu platform after a threat actor claimed to have exfiltrated more than 350GB of data from compromised AWS accounts. The attacker told a security reporter they intend to publish the stolen files rather than extort the Commission. The Commission said public websites remain available, internal systems were unaffected, and containment and mitigation measures were implemented while inquiries continue.
read more →

Lloyds Bank bug exposed customers' transaction data

🔓 Lloyds Banking Group has disclosed a software glitch that briefly allowed some mobile app users to see other customers' transactions. The bank told the UK Parliament’s Treasury Committee the problem followed an overnight IT change and a defect in the design of the code used to update the API behind the app. Of 21.6 million app users, 447,936 may have been shown another user's transactions and 114,182 may have viewed transaction details during the incident. Lloyds said no full account access or customer losses were identified and that it notified regulators, including the ICO.
read more →

European Commission Probes Amazon Cloud Account Breach

🔒 The European Commission is investigating a security breach after a threat actor gained access to an Amazon cloud account used to manage Commission infrastructure. The actor claims to have exfiltrated over 350 GB of data, including multiple databases, and provided screenshots as proof while stating they will not extort the Commission but may leak the data later. The Commission's cybersecurity incident response team detected the incident quickly and is investigating; the case follows a January MDM compromise linked to other EU institution attacks.
read more →

European Commission Investigates Amazon Cloud Account Breach

🔒 The European Commission is investigating a security breach after a threat actor accessed an Amazon cloud account used to manage Commission infrastructure. Sources say the intrusion was quickly detected and that the Commission's cybersecurity incident response team is now probing the incident. The actor claims to have stolen 350 GB of data, including multiple databases, and provided screenshots showing access to employee information and an internal email server. The actor says they will not extort the Commission but may leak the data later.
read more →

UK Sanctions Chinese Crypto Marketplace Xinbi over Scam Hubs

🚨 The UK has imposed sanctions on the China-based cryptocurrency marketplace Xinbi, accusing it of enabling large-scale scam operations across Southeast Asia and facilitating crypto laundering. Authorities say Xinbi, which reportedly handled over $19.7 billion of inflows, sold victim data and traded satellite internet equipment used to contact targets. The action targets Xinbi and related firms and individuals linked to the Prince Group and #8 Park, and includes plans to freeze London properties.
read more →

Dutch Police Reports Limited Breach After Phishing Attack

🔒 The Dutch National Police disclosed a security breach stemming from a successful phishing attack, saying the incident was detected quickly and access was blocked by its Security Operations Center. Officials describe the impact as limited and state that citizens' data and investigative information were not accessed. A criminal investigation and an internal probe into affected systems are ongoing.
read more →

Ajax systems flaw exposed fan data and enabled ticket hijack

🔒 Ajax Amsterdam disclosed that a hacker exploited vulnerabilities in its IT systems, allowing access to some fan data and control over ticket transfers. The club said only email addresses for a few hundred people were viewed and that fewer than 20 stadium-banned individuals had names, emails and dates of birth exposed. RTL journalists, tipped by the attacker, independently verified the flaws and demonstrated the ability to transfer season tickets, modify stadium bans and access broad fan data via APIs and shared keys. Ajax has engaged external experts, patched the vulnerabilities, notified authorities and advised fans to remain vigilant for impersonation attempts.
read more →