< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 13 of 40

Extortion Emails Sent to HungerRush Restaurant Customers

🔔 Customers of restaurants using HungerRush, a provider of POS, online ordering, delivery, and payment services, reported receiving mass extortion emails claiming millions of customer records would be exposed if the company did not respond. The messages were delivered via Twilio SendGrid infrastructure and, according to headers, passed SPF, DKIM, and DMARC checks for the hungerrush.com domain. Security researchers also reported an earlier infostealer infection on an employee device that allegedly harvested corporate credentials, though a direct link to a confirmed breach has not been established. Customers should be vigilant for targeted phishing and SMS scams that may leverage any exposed data.
read more →

FBI Seizes LeakBase Cybercrime Forum and Member Data

🔒 The FBI has seized the LeakBase cybercrime forum and preserved data from more than 142,000 members as part of a multinational operation coordinated by Europol. On March 3–4 authorities seized two domains, switched nameservers to ns1.fbi.seized.gov and ns2.fbi.seized.gov, and posted a seizure notice. Investigators secured the forum database — including accounts, posts, private messages, credit details, and IP logs — for evidentiary use and executed arrests, searches, and interviews across the US, Australia, Belgium, Poland, Portugal, Romania, Spain, and the UK.
read more →

AkzoNobel Confirms Data Theft After U.S. Site Breach

🔓AkzoNobel confirmed a security incident at a U.S. site after the Anubis ransomware group posted a partial data leak. The company says the intrusion was contained locally and the impact is limited, and it is notifying and supporting affected parties. Anubis claims about 170GB and nearly 170,000 files were stolen, including confidential agreements and passport scans.
read more →

LexisNexis Confirms Breach After Hackers Leak Files

🔒 LexisNexis has confirmed a breach after the threat actor FulcrumSec posted 2.04 GB of files allegedly exfiltrated from its AWS environment. The group says they exploited a React2Shell vulnerability in an unpatched React frontend container on February 24 to reach Redshift tables, VPC databases and plaintext Secrets Manager entries. LexisNexis characterizes the material as mostly legacy data from before 2020 and says it contained no Social Security numbers, driver’s license numbers, financial data, active passwords, customer search queries, client/matter data, or contracts.
read more →

Third-Party Breaches Expand Blast Radius Across Supply

🛡️ Black Kite's seventh annual Third-Party Breach Report shows supplier breaches have a far larger downstream impact than commonly recognized. In 2025 analysis of verified public disclosures and external telemetry, 136 confirmed incidents averaged 5.28 publicly named downstream victims per vendor, totaling 719 corporate victims and 433 million affected individuals, with vendors also reporting an additional 26,000 unnamed corporate victims. The study highlights concentration among software services, prolonged detection and notification delays, and pervasive exposure to critical vulnerabilities and leaked credentials, concluding that traditional third-party risk management is not keeping pace.
read more →

Star Citizen Developer Discloses Backup Data Breach

🔒 Cloud Imperium Games (CIG), developer of Star Citizen and Squadron 42, disclosed a breach discovered on 21 January 2026 in which attackers accessed certain backup systems. The company says unauthorized access affected limited user personal data — primarily account metadata and contact details such as username, name and date of birth. CIG states no credentials or payment information were stored in the affected systems, access was read-only, and it has found no evidence of data modification or public leakage while it continues to monitor and investigate the incident.
read more →

University of Hawaii Cancer Center Data Breach Hits 1.2M

🔒 The University of Hawaii Cancer Center confirmed a ransomware breach that exposed data for nearly 1.2 million individuals after attackers accessed systems supporting its Epidemiology Division. Compromised files include names, Social Security numbers, driver's license numbers, and historical research health records collected in the 1990s and 2000s. UH says clinical operations, patient care, and student records were not affected and that it paid the actors for a decryption tool and to secure destruction of the stolen information.
read more →

Korean Tax Service Exposes Wallet Seed, $4.8M Stolen

🔓 South Korea’s National Tax Service inadvertently exposed the mnemonic recovery phrase of a seized Ledger hardware wallet in a press release, enabling an attacker to drain approximately $4.8 million in crypto. The assets were confiscated during raids on 124 high-value tax evaders, but photos released by authorities showed a handwritten seed phrase that was not redacted. On-chain analysis shows the attacker deposited ETH for gas and moved 4 million Pre-Retogeum (PRTG) tokens to a new address in three transactions. The NTS removed the press release, and it is unclear whether a formal investigation has been launched.
read more →

ManoMano data breach affects 38 million customers globally

🛠️ ManoMano has notified customers that a security incident tied to a third‑party customer service subcontractor resulted in the unauthorized extraction of personal data for approximately 38 million individuals. Exposed information reportedly varies by interaction and may include full name, email address, phone number, and customer service communications; no account passwords were accessed. Identified in January 2026, ManoMano says it revoked the subcontractor’s access, strengthened controls, informed regulators, and is advising customers to remain vigilant against phishing and social engineering.
read more →

Olympique Marseille Confirms Cyberattack After Data Leak

⚠️ Olympique de Marseille says it was the target of an attempted cyberattack after a threat actor claimed to have breached some servers and leaked a sample of allegedly stolen information. The actor claims the database includes details on about 400,000 individuals and more than 2,050 Drupal CMS accounts, including staff, contributors, and moderators. The club reports its technical teams and specialized providers quickly contained the situation, that operations continue normally, and that no banking details or passwords have been compromised; it has reported the incident to the CNIL and filed a complaint.
read more →

UFP Technologies Says Data Stolen in Cyberattack Report

🔒 UFP Technologies disclosed a cybersecurity incident detected on February 14 that compromised portions of its IT environment and resulted in data theft. The company says it isolated affected systems, engaged external cybersecurity advisors, and believes the intruder has been removed with access restored in all material respects. Some functions such as billing and label making were impacted, and the firm is investigating whether personal information was exfiltrated.
read more →

Marquis Sues SonicWall Over Cloud Backup Breach Lawsuit

🔒 Marquis Software Solutions has filed suit against SonicWall, alleging gross negligence and misrepresentation after a ransomware attack on August 14, 2025 that followed a compromise of a SonicWall firewall. Investigators say the attacker accessed configuration backups stored in SonicWall’s MySonicWall cloud—an exposure Marquis attributes to an API code change in February 2025—and used configuration data and AES-256-encrypted credentials to bypass MFA. The stolen files included extensive personal and financial information; Marquis says the incident disrupted operations for 74 U.S. banks and forced the firm to defend more than 36 consumer class actions while seeking monetary damages, indemnification and equitable relief.
read more →

Wynn Resorts Confirms Employee Data Breach After Extortion

🔒 Wynn Resorts confirmed an employee data breach after being listed on the ShinyHunters extortion group's leak site and said it activated incident response procedures. The company engaged external cybersecurity experts to investigate and reported that an unauthorized third party acquired certain employee data. Attackers claimed the stolen data had been deleted; Wynn said it has seen no evidence of publication or misuse to date and that guest operations remain unaffected. The company is offering complimentary credit monitoring and identity protection services to employees.
read more →

CarGurus Data Leak Exposes 12.4 Million Account Records

🔓 The extortion group ShinyHunters published a 6.1GB archive on February 21 containing 12.4 million records it alleges were stolen from CarGurus. Have I Been Pwned (HIBP) has added the dataset and reports compromised data types including email addresses, IPs, full names, phone numbers, physical addresses, account IDs, finance application data, dealer details, and subscription information. CarGurus has not confirmed the breach or replied to requests for comment. HIBP says about 70% of the records were already known, leaving roughly 3.7 million newly exposed entries that could be abused for phishing and other scams.
read more →

ShinyHunters Claims Breach of Dutch Telecom Odido

🔒 The ShinyHunters extortion gang claims it stole millions of user records from Dutch telecom Odido, adding the company to its dark‑web leak site and asserting nearly 21 million records were taken. Odido disclosed the incident on February 12, reporting that attackers accessed its customer contact system on February 7 and that exposed fields vary by customer. The carrier said no Mijn Odido passwords, call records, location data, billing data, or identity scans were exposed; ShinyHunters, however, alleges internal corporate data and plaintext passwords were also taken. Odido reported the breach to the Dutch Data Protection Authority, blocked the attackers' access, and engaged external cybersecurity specialists while investigations continue.
read more →

Optimizely Confirms Data Breach Following Vishing Attack

📢 Optimizely has confirmed a data breach after attackers used a sophisticated voice‑phishing (vishing) campaign to gain access to some internal systems on or before February 11. The company says the intruders accessed certain CRM records, internal back‑office documents, and basic business contact information but could not escalate privileges, install software, or create backdoors. Optimizely reports no evidence of access to sensitive customer data or personal information beyond business contacts, and business operations remain uninterrupted. It is warning customers to be vigilant for follow‑on phishing attempts leveraging the exposed contact details.
read more →

Cyberattack Claims: Personal Data of 27,000 RTL Staff

🔒 A threat actor calling themselves LuneBF is claiming to have stolen data belonging to more than 27,000 employees of the RTL Group and its subsidiaries, including Fremantle and M6. The attacker posted a 100-record sample allegedly taken from RTL’s intranet that contains names, emails, postal addresses and phone numbers. RTL has confirmed the incident and said it is investigating; it believes customer data is unlikely to be affected. Security experts warn the exposed contact details could enable targeted phishing, social engineering and pose particular risks to investigative journalists.
read more →

Advantest Hit by Ransomware, Potential Data Exposure

🔒 Advantest Corporation reported that its corporate network experienced a ransomware intrusion detected on February 15, prompting immediate isolation of affected systems and the engagement of third-party cybersecurity specialists. Preliminary findings indicate an unauthorized party may have deployed ransomware in portions of the network, though no data theft has been confirmed. The company says it will notify and advise any customers or employees if their information is determined to be impacted. The investigation is ongoing and, to date, no ransomware group has claimed responsibility.
read more →

Data Breach at French Bank Registry Exposes 1.2M Accounts

🔓The French Ministry of Finance confirmed a cybersecurity incident in late January after a threat actor used credentials stolen from a civil servant to access the national bank account registry FICOBA. The attacker accessed and likely exfiltrated data for about 1.2 million accounts, including bank identifiers (RIBs/IBANs), account holder names, addresses and sometimes taxpayer identification numbers. Authorities restricted the intruder’s access once detected and say the tax authority DGFiP is working with ANSSI and CNIL to secure systems. Affected users and banking institutions will be notified and warned to remain vigilant against scams.
read more →

PayPal Discloses Data Breach Exposing Users' Personal Data

🔓 PayPal is notifying customers that a software error in its PayPal Working Capital loan application exposed sensitive personal information, including Social Security numbers, for nearly six months. The company says the issue, present from July 1 to December 13, 2025, was caused by a code change that was rolled back after discovery on December 12. PayPal has reset passwords for affected accounts, refunded unauthorized transactions for some users, and is offering two years of Equifax credit monitoring.
read more →