< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 16 of 40

NationStates Confirms Data Breach, Temporarily Shuts Site

🔒 NationStates has confirmed a data breach after taking its browser-based game offline following a player-reported vulnerability that resulted in remote code execution on the production server. The attacker exploited a double-parsing and input sanitization flaw in the Dispatch Search feature to copy application code and user data, including email addresses, MD5 password hashes, login IPs, and browser User-Agent strings. NationStates says telegram contents were likely partially exposed, is wiping and rebuilding the production environment, has reported the incident to authorities, and expects service to be restored within two to five days.
read more →

Exposed MongoDB Instances Targeted in Extortion Campaign

🔒 A threat actor is automating data-extortion attacks against publicly exposed MongoDB instances, compromising roughly 1,400 servers and leaving ransom notes demanding about 0.005 BTC (~$500). Researchers at Flare found over 208,500 publicly reachable MongoDB servers, with 3,100 allowing access without authentication and nearly half of those already wiped. There is no guarantee that paying ransoms will restore data or provide working keys. Victims are urged to avoid public exposure, enforce strong authentication, apply network controls, and keep instances updated.
read more →

ShinyHunters Launch Vishing Campaign Targeting 100s

📞 Notorious extortion group ShinyHunters released tens of gigabytes of files it claims were stolen from dating services including Hinge, Match, OkCupid and Bumble. Researchers link the disclosures to a broader campaign that combines automated phishing kits with voice-based social engineering to capture credentials and MFA tokens in real time. Security firm Silent Push detected a 'Live Phishing Panel' and infrastructure consistent with SLSH activity targeting more than 100 high-value organizations. Organizations are advised to verify IT support calls through official out-of-band channels and audit OSS logs for suspicious device enrollments and new-IP logins.
read more →

Match Group Breach Exposes Data from Multiple Dating Apps

🔒Match Group confirmed a security incident after the ShinyHunters group leaked 1.7 GB of compressed files allegedly containing about 10 million records from Hinge, Match, and OkCupid, along with internal documents. The company says it terminated unauthorized access, is working with external experts, and believes a limited amount of user data was exposed with no indication that login credentials, financial information, or private communications were accessed. Match Group is notifying affected individuals as appropriate and continuing its investigation.
read more →

Marquis Links Ransomware Breach to SonicWall Cloud Backup

🔒 Marquis Software Solutions says a ransomware attack in August 2025 that disrupted systems serving dozens of U.S. banks and credit unions was enabled by a breach at SonicWall's cloud backup service. Rather than exploiting an unpatched firewall, attackers used configuration data taken from backup files accessed after unauthorized access to the MySonicWall portal, according to Marquis and a third-party investigation. Marquis is evaluating options including seeking recoupment of response costs for itself and affected customers. SonicWall has acknowledged the MySonicWall breach and said a Mandiant probe linked the incident to state-sponsored actors.
read more →

France Travail Fined €5m After 2024 Breach Exposed 43M

🔒 France Travail has been fined €5 million by the CNIL after a March 2024 cyber-attack that potentially exposed personal data for an estimated 43 million jobseekers. The regulator found failures including weak authentication for Cap Emploi advisors, insufficient logging and monitoring, and overly broad access permissions, breaching Article 32 of the GDPR. France Travail must provide evidence of corrective measures on a strict timeline or face a €5,000 daily fine.
read more →

France fines employment agency €5 million over breach

📢 France Travail was fined €5 million by CNIL after a 2024 breach exposed personal data for up to 43 million job seekers. CNIL said attackers used social engineering to hijack CAP EMPLOI advisers' accounts, exposing names, birth dates, national insurance numbers, addresses, emails and phone numbers. The watchdog ordered documented corrective measures and warned of €5,000 daily penalties if the agency fails to comply.
read more →

US Data Breaches Hit Record High in 2025; Victims Drop

📈 The Identity Theft Resource Center (ITRC) reports a record 3,332 US data "compromises" in 2025, a 5% rise from 2024. Despite the higher incident count, individual victims fell to 279 million from 1.4 billion, driven by the absence of large-scale "mega breaches" seen in 2023. Financial services was the hardest-hit sector with 739 compromises (22%). The ITRC warned that opaque breach notices—70% lacked attack type—undermine consumer protection and urged Zero Trust, stronger identity verification and greater transparency.
read more →

GDPR Violation Reports Surge to Highest Daily Rate

📈 A new DLA Piper report finds that notifications of GDPR violations across the EU averaged 443 reports per day in 2025, a 22% increase over 2024. The firm cautions that the dataset does not definitively explain the rise but highlights likely drivers such as geopolitical tensions, new attacker technologies, and expanded mandatory reporting laws. Annual fines remained near €1.2 billion while cumulative penalties total about €7.1 billion since 2018.
read more →

eScan Confirms Update Server Breach That Pushed Malware

⚠️ MicroWorld Technologies, maker of eScan, confirmed a breach of a regional update server that delivered an unauthorized, later-analyzed malicious update to a subset of customers during a two-hour window on January 20, 2026. The company says it isolated and rebuilt the affected infrastructure, rotated credentials, and issued a remediation tool. Security firm Morphisec published a technical analysis linking a modified Reload.exe to multi-stage malware and a backdoor named CONSCTLX.exe, and the vendors dispute who reported the incident first.
read more →

Massive Data Leak Exposes 149M Login Credentials Worldwide

🔒 Cybersecurity researcher Jeremiah Fowler uncovered a publicly accessible database containing 149 million login credentials, including usernames, plaintext passwords and direct login URLs. Affected accounts span major tech and streaming providers, with about 48 million Gmail entries, 17 million Facebook and 6.5 million Instagram records. Fowler attributes the collection to keyloggers and infostealer malware and warns the dataset enables automated credential-stuffing, targeted fraud and convincing phishing campaigns.
read more →

Sicarii Ransomware Discards Keys, Risks Permanent Data Loss

⚠️ Halcyon researchers report a Sicarii ransomware variant that generates a fresh RSA key pair on each execution and immediately discards the private key, leaving encrypted files unrecoverable even if victims pay or use a provided decryptor. Analysts attribute the defect to poor key management or immature development, possibly involving AI-assisted tooling. Affected organizations should prioritize containment, isolate systems, and restore only from known-good, offline, or immutable backups rather than relying on ransom-based recovery.
read more →

Chinese Money Laundering Networks Drive $82bn Global Shift

🔍 Chainalysis warns that Chinese-language money laundering networks now underpin a rapidly expanding global crypto laundering ecosystem, handling roughly 20% of illicit flows over the past five years. Last year these networks processed an estimated $16bn—about $44m per day—across 1,799+ active wallets. The firm traces the rise from a $10bn market in 2020 to over $82bn last year and identifies six operational typologies, from running point brokers to swapping-as-a-service, which increasingly avoid centralized exchanges and exploit OTC, gambling and mule-based layering services.
read more →

Data Protection Day 2026: From Compliance to Resilience

🛡️ On Data Protection Day 2026, CrowdStrike urges organizations to move beyond checkbox compliance toward operational resilience against modern data risks. The post details how adversaries exploit stolen credentials, identity abuse, SaaS sprawl and AI-driven workflows to access and exfiltrate data, often without crossing conventional boundaries. It calls for controls across identity, endpoints, browsers and the AI interaction layer, and highlights Falcon AIDR as a runtime capability to detect prompt injection, model manipulation and unauthorized tool execution while preserving legitimate workflows.
read more →

Nike Investigates Data Breach After Extortion Leak

🔒 Nike is investigating a potential cyber security incident after the extortion group World Leaks published 1.4 TB of files it claims were stolen from the company. Nike said it takes consumer privacy and data security seriously and is actively assessing the situation. The group claimed nearly 190,000 corporate files but later removed Nike from its leak site, a step often seen during negotiations or after a ransom payment.
read more →

Have I Been Pwned: SoundCloud breach affects 29.8M

🔒 SoundCloud confirmed unauthorized activity in December 2025 after users reported 403 errors and the company said it had activated incident response procedures; it indicated no passwords or financial data were accessed. Have I Been Pwned later disclosed the incident impacted 29.8 million accounts, exposing email addresses, names, usernames, avatars, follower/following counts and, in some cases, country. Sources and updates attribute the intrusion to the ShinyHunters extortion group, which attempted to extort SoundCloud and used email flooding to harass users, employees, and partners.
read more →

World Leaks Claims 188k Nike Files in Major Breach

🔒 Nike has entered incident response after the World Leaks ransomware group posted a claimed 188,000+ files from the company to its leak site, with the countdown expiring last Sunday and the full dump now live. The firm said it is investigating a potential cybersecurity incident and actively assessing the situation. Leaked folders reviewed by reporters include development, tech packs and evaluations, and schematics, indicating design and supply-chain materials may be exposed.
read more →

Law Firm Probes Coupang Security Failures After Breach

🔍 US law firm Hagens Berman is investigating alleged security failures at Coupang after a June 2025 breach that may have exposed the personal data of 33.7 million customers. The firm says it is probing why it took nearly six months to detect a former employee’s access and alleges inadequate access protocols. Investors are being urged to join a class action by the February 17 lead-plaintiff deadline. South Korean regulators and police have also opened inquiries, and Coupang has faced executive changes and an order to remove a liability disclaimer from its terms.
read more →

Under Armour Investigates Alleged Leak of 72M Records

🔒 Under Armour is investigating claims that an unauthorized third party obtained customer data after the Everest ransomware group allegedly added the brand as a victim and claimed to have taken 343GB of information. Reports on 18 January 2026 said roughly 72 million email addresses and other personal details were posted on a hacking forum, and the incident was listed by Have I Been Pwned on 21 January. Compromised data is reported to include names, dates of birth, genders, geographic locations, purchase history and possibly phone numbers and some employee contact information. Under Armour says there is no evidence UA.com, payment processing systems or customer passwords were affected, and the company is working with external cybersecurity experts to investigate.
read more →

Insider Threats: Recognising and Managing Internal Risk

🔒 A growing body of evidence shows insider threats are a systemic and underestimated risk: a Bitkom survey found 48% of German companies attribute data theft, espionage or sabotage to employees. Insiders hold legitimate access and institutional knowledge, enabling subtle misuse that often evades technical controls. Effective protection requires shifting from isolated tools to a holistic, human-centred approach that combines culture, governance and clear ownership of risk.
read more →