< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 15 of 40

Men Charged in $3M FanDuel Fraud Using 3,000 Stolen IDs

🔍 Two Connecticut men were indicted for an alleged scheme that used about 3,000 stolen identities to defraud online gambling platforms, including FanDuel, of roughly $3 million. Prosecutors say Amitoj Kapoor and Siddharth Lillaney purchased PII on darknet markets and Telegram, maintained a spreadsheet called "Tracker.xlsx", and used services like TruthFinder and BeenVerified to pass verification. The indictment charges multiple counts including wire and identity fraud, aggravated identity theft, and money laundering; both were arrested and released on $300,000 bond.
read more →

BridgePay Confirms Ransomware Caused System-wide Outage

🔒 BridgePay Network Solutions has confirmed a ransomware attack triggered a system-wide IT outage, according to security alerts published on February 6. Initial forensic work indicates no payment card data appears to have been compromised and that any accessed files were encrypted. The company said it is working with cybersecurity specialists, the FBI and the US Secret Service and that recovery may be lengthy; it will provide regular updates to affected customers and partners.
read more →

European Commission: Mobile Management Platform Breach

🔒 The European Commission is investigating a breach after detecting traces of a cyberattack against its mobile device management platform on 30 January. The incident may have exposed some staff names and mobile numbers, but investigators say there is no evidence that individual mobile devices were compromised. The Commission says the affected system was contained and cleaned within nine hours. The activity is believed to be linked to exploitation of Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities.
read more →

BridgePay Confirms Ransomware Knocked Payment Systems

🔒 BridgePay Network Solutions confirmed a ransomware incident that took multiple payment systems offline, triggering a nationwide outage. The company says it has engaged federal law enforcement, including the FBI and U.S. Secret Service, and retained external forensic and recovery teams. Initial forensics report no payment card data compromised, files were encrypted, and restoration is ongoing with no ETA.
read more →

Substack Confirms Breach Exposed Emails and Phones to Users

🔒 Substack has confirmed a security incident in which an unauthorized third party accessed limited user information, including email addresses, phone numbers and other internal metadata. CEO Chris Best said the company detected evidence of the issue on February 3 and notified some users on February 5, saying the data collection occurred in October 2025. Substack stated that no financial data or passwords were accessed, that the vulnerability has been fixed, and that a full investigation is underway.
read more →

Flickr warns of possible data breach exposing emails and usernames

⚠️Flickr says a vulnerability in a third‑party email service may have exposed member names, email addresses, IP addresses, general location data, Flickr usernames, account types and records of platform activity. The company says it shut off access to the affected system within hours on February 5, 2026, and that passwords and payment card data were not compromised. Flickr urged affected users to review account settings, remain vigilant for phishing, and change reused passwords while it investigates and strengthens monitoring of third‑party providers.
read more →

Spain's Ministry of Science Shuts Systems After Breach

🔒 Spain's Ministry of Science partially shut down several IT systems after reporting a "technical incident" that suspended citizen- and company-facing services. A threat actor using the alias GordonFreeman claims to have exploited an IDOR vulnerability to obtain full-admin credentials and posted samples of personal records, email addresses, enrollment applications and screenshots of official paperwork. The forum post has been taken offline and the leaked data has not been independently verified. The ministry said it will extend affected deadlines while assessing the incident.
read more →

Substack Breach Exposes Users' Emails, Phone Numbers

🔐 Substack disclosed that a third party exploited an unspecified weakness in its systems in October, exposing user email addresses, phone numbers and other internal metadata. The company identified the issue on February 3, said it has fixed the vulnerability, and is conducting a full investigation. Substack maintains the breach did not include passwords, credit card numbers, or financial data, but has not disclosed the full scope or publicly posted a detailed incident report.
read more →

Substack Notifies Users of Data Breach Affecting Contacts

🔒 Substack informed users that an unauthorized third party accessed limited account data in October 2025, including email addresses, phone numbers, and other internal metadata. CEO Chris Best said the company discovered the issue on February 3 and has fixed the vulnerability, stressing that passwords, credit card numbers, and financial information were not accessed. A dataset of 697,313 alleged records was posted to BreachForums, and Substack warned of potential phishing attempts.
read more →

Ransomware Claims Target Bremen-Based Buhlmann Group

🔐 The Akira ransomware group claims it breached Bremen-based steel trader Buhlmann Group and exfiltrated roughly 55 gigabytes of sensitive data, according to a darknet post. Buhlmann has not issued an official corporate statement; a company spokeswoman told local outlet buten un binnen that a U.S. subsidiary's IT system was compromised. The company says its German and EU operations are not affected.
read more →

Betterment Data Breach Exposes 1.4 Million Accounts

🔒 Betterment disclosed a January incident in which threat actors accessed systems and stole contact and personal data from an estimated 1,435,174 accounts, including names, email addresses and location details. The attackers also sent fraudulent promotional emails promoting a cryptocurrency reward scam; Betterment says clicking the message did not compromise accounts. A forensic review with CrowdStrike found no evidence of customer account, password, or login credential theft, and the company reports the unauthorized access has been removed.
read more →

Coinbase Confirms Contractor Insider Breach of Support Data

🔒 Coinbase confirmed that a contractor improperly accessed data for approximately 30 customers in a December incident, and the individual no longer performs services for the company. Impacted users were notified, provided identity theft protection services, and Coinbase disclosed the incident to relevant regulators. Screenshots of an internal support panel briefly appeared on Telegram and were associated with the 'Shiny Lapsus Hunters' posts, showing customer PII, KYC details, and wallet balances, though attribution remains unclear.
read more →

Step Finance: Executive Device Compromise Leads to $40M Theft

🚨 Step Finance announced on January 31 that attackers compromised devices belonging to several executives, resulting in the theft of roughly $40 million in digital assets. The Solana-based DeFi analytics and execution platform engaged external cybersecurity researchers and law enforcement and has recovered about $4.7 million so far through Token22 protections and partner coordination. Some operations are paused to strengthen security. Users are advised not to interact with the STEP token while a pre-exploit snapshot and remediation plan are processed.
read more →

Iron Mountain Breach Limited Mainly to Marketing Files

🗂️ Iron Mountain says a recent incident claimed by the Everest extortion group was limited primarily to marketing materials. Attackers used a compromised credential to access a single public-facing file-sharing folder containing vendor marketing files; no customer confidential data or other systems were affected. The company confirmed no ransomware or malware was deployed and the compromised credential has been deactivated.
read more →

UK ICO Investigates X Over AI-Generated Sexual Images

🛡️ The UK Information Commissioner’s Office has opened a formal investigation into X and its AI assistant Grok after reports the system generated non-consensual sexual images using people’s personal data. The inquiry will assess whether such data were processed lawfully, fairly and transparently and whether appropriate safeguards were integrated into Grok’s design and deployment to prevent harmful image manipulation. The ICO has requested urgent information from X and warned the reports raise risks of significant harm, particularly to children.
read more →

UK ICO Probes X's Grok Over AI-Generated Sexual Images

🔍 The UK Information Commissioner's Office has opened a formal investigation into X and its Irish subsidiary after reports that the AI assistant Grok generated nonconsensual sexually explicit images using individuals' personal data. The ICO said it contacted X and xAI on January 7 to request urgent information and will assess whether X Internet Unlimited Company and X.AI LLC processed data lawfully and had adequate safeguards. The regulator warned that loss of control over intimate personal data can cause immediate and significant harm, especially where children are involved.
read more →

Three Disruptive Cyber Trends Impacting Financial Services

🔍 The financial sector saw cyber incidents more than double in 2025 (864 → 1,858), driven by three dominant trends: surging DDoS campaigns, a sharp rise in data breaches and leaks, and the commercialization of cybercrime-as-a-service. These threats exploited weaknesses in cloud security, identity governance, and third-party risk. Banks and fintechs must accelerate adoption of layered defenses, continuous monitoring, and stronger vendor controls to maintain resilience.
read more →

Moltbook Misconfiguration Exposes User Data and API

🔓 Security researchers at Wiz discovered a public Supabase API key in Moltbook’s client-side JavaScript that granted unauthenticated read/write access to the production database. The misconfiguration—absence of Row Level Security (RLS) policies—exposed around 1.5 million agent tokens, roughly 30,000 email addresses and thousands of private messages. With write privileges an attacker could impersonate any agent, inject malicious content or prompt-injection payloads, and deface the site. Moltbook’s developer has since remediated the issue after multiple rounds of fixes with Wiz.
read more →

Notepad++ Update Hijack Linked to Hosting Provider Breach

🔒 A months-long supply chain attack redirected update traffic for notepad-plus-plus.org to attacker-controlled servers, enabling malicious manifests to be served to the built-in WinGUp updater and, in some cases, pointing users to compromised executables. Investigators conclude the intrusion stemmed from a compromise of the shared hosting provider infrastructure rather than a flaw in the Notepad++ code. Logs suggest the breach began in June 2025, with direct server access ending on 2 September 2025 while exposed credentials lingered until 2 December 2025.
read more →

Panera Bread breach affects 5.1M accounts, not 14M customers

🔒 Have I Been Pwned reports that a January 2026 data breach at Panera Bread exposed roughly 5.1 million unique email addresses and associated contact information, rather than 14 million distinct customers as initially claimed. The files, totaling about 760 MB, were published by the ShinyHunters extortion group after an alleged failed ransom attempt. ShinyHunters says it gained access via a Microsoft Entra SSO code as part of a broader vishing campaign targeting SSO providers. Panera has confirmed the incident to authorities and said the data is contact information.
read more →