<ciso brief />

All news with #data breach tag

715 articles · page 17 of 36

Hacker Claims WIRED Subscriber Database Leak, 2.3M

🔓 A threat actor using the handle 'Lovely' claims to have leaked an alleged WIRED subscriber database containing 2,366,576 records and offered access on hacking forums for roughly $2.30 in site credits. BleepingComputer validated multiple records and security researchers, including Alon Gal, corroborated the dataset via infostealer logs. The dataset includes email addresses, optional PII (names, addresses, birthdays, phone numbers), account timestamps spanning 1996–2025, and has been added to Have I Been Pwned for user checks.

Massive Rainbow Six Siege breach grants billions of credits

🚨 Ubisoft's Rainbow Six Siege suffered an in‑game abuse incident that allowed attackers to ban and unban players, display fake ban messages, and grant approximately 2 billion R6 Credits and Renown to accounts worldwide. Ubisoft confirmed the issue at 9:10 AM Saturday, intentionally shut down Siege and its Marketplace while teams investigated, and said transactions since 11:00 UTC will be rolled back. The company stated players will not be punished for spending the granted credits.

LastPass 2022 Breach Enabled Years-Long Crypto Drains

🔐 TRM Labs says encrypted vault backups stolen in the 2022 LastPass breach have been incrementally cracked by attackers exploiting weak master passwords, resulting in cryptocurrency drains as recently as late 2025. The firm traces over $35 million in siphoned assets, much of it laundered through CoinJoin and Russian-linked exchanges. TRM highlights how demixing and operational analysis linked activity to Russia-associated infrastructure and warns users who did not rotate credentials remain at risk.

FBI Seizes Domain Hosting Stolen US Bank Credentials

🔒 The FBI has seized the domain web3adspanels.org and the backend database used to host thousands of stolen U.S. bank login credentials collected via phishing ads on Google and Bing. Authorities report confirmed financial losses of about $14.6 million and attempted losses near $28 million, affecting at least 19 victims including two companies in the Northern District of Georgia. The seizure, conducted with help from Estonian and other international partners, removed a server that was active as recently as November; no arrests have been announced.

Attacks Evolve: Three Practical Protections for 2026

🔐 Small and medium-sized businesses became the primary target of data breaches in 2025, as attackers shifted focus from well-defended large enterprises to higher-volume attacks against smaller organizations. High-profile incidents at Tracelo, PhoneMondo, and SkilloVilla exposed millions of customer records—predominantly names and contact information—raising the risk of follow-on phishing and fraud. To reduce breach risk in 2026, adopt two-factor authentication, enforce the principle of least privilege for access control, and centralize credentials with a secure password manager. These steps are practical, cost-effective, and scalable for SMBs.

Clop-linked Breach Exposes 3.5M University of Phoenix Data

🔒 University of Phoenix disclosed a breach affecting 3,489,274 individuals after attackers accessed its systems in August and stole sensitive personal and financial data. Investigators say the intrusion targeted the Oracle E-Business Suite, exploiting a zero-day tracked as CVE-2025-61882, active August 13–22 and detected November 21. The university is offering 12 months of credit and dark web monitoring, identity recovery and a $1m fraud reimbursement. The incident is linked to Clop and forms part of a wider campaign that has hit more than 100 organizations.

Coupang Sued for Delayed SEC Breach Disclosure, Key Failures

🔒 Coupang disclosed a massive breach via a Form 8-K 28 days after discovering unauthorized access on Nov. 18, 2025, prompting a US securities class action that alleges the delay violated SEC rules requiring material incident disclosure within four business days. The complaint asserts CEO Bom Kim and CFO Gaurav Anand knew or recklessly disregarded inadequate cybersecurity controls that allowed a former employee to access customer data for nearly six months. Investigators found signing keys and authentication tokens were not revoked after the employee’s departure, exposing personal information from 33.7 million accounts and revealing systemic failures in key management. Coupang faces parallel scrutiny from South Korean authorities, potential fines, and ongoing litigation.

Nissan Confirms 21,000 Customers Impacted by Red Hat Breach

🔓 Nissan has disclosed that a third-party breach at Red Hat in September led to the exposure of about 21,000 customer records tied to its Fukuoka sales unit. The carmaker said it was notified by Red Hat on October 3 and has informed the Personal Information Protection Commission while contacting affected individuals. Exposed fields include names, addresses, phone numbers and partial email addresses, but not payment card data. Nissan warned customers to be vigilant for suspicious calls or mail while investigations continue.

Brushing Scams: Unsolicited Parcels and Fake Reviews

📦 Brushing scams involve sellers sending unsolicited, low‑value items to random addresses to create fake purchase histories and post 5‑star reviews. Attackers obtain names and mailing addresses from breaches, people‑search services or public scraping, then use fake buyer accounts to place and rate orders. Parcels can signal compromised data and sometimes include QR codes that lead to phishing or malware. If you receive an unexpected item, check accounts, enable MFA, and report it to the marketplace.

Baker University 2024 Data Breach Exposes 53,624 Records

🔒 Baker University disclosed a 2024 data breach after attackers accessed its network in December 2024 and exfiltrated records for 53,624 individuals. The compromised information potentially included names, dates of birth, Social Security numbers, driver’s license and passport numbers, financial account details, and medical and insurance information. The university is offering free credit monitoring and says it has engaged external cybersecurity experts and rebuilt a primary compromised platform.

Nissan: Thousands of Customers Exposed in Red Hat Breach

🔓 Nissan confirmed that personal data for about 21,000 customers who purchased vehicles or received services at Nissan Fukuoka was exposed after a September breach of Red Hat's development environment. Leaked fields include full names, physical addresses, phone numbers, email addresses and sales-related customer data; no financial or credit card data were affected. Nissan says it has no evidence the data have been misused.

Activists Claim Copy of Spotify’s Entire Music Library

🎵 Spotify is investigating claims by a collective of pirate activists who say they accessed 256 million rows of metadata and 86 million audio files — roughly 300 terabytes in total. The activists report that metadata, but not audio files, was made publicly available via Anna’s Archive, which frames the release as cultural preservation. Spotify has confirmed a probe into an incident in which a third party allegedly scraped public metadata and bypassed DRM protections to access certain audio files.

Clop Breach Exposes Nearly 3.5M University of Phoenix Records

🔒 The University of Phoenix disclosed that the Clop ransomware gang stole personal and financial data for 3,489,274 people after exploiting a zero-day in the Oracle E-Business Suite. The university says names, contact details, dates of birth, Social Security numbers, and bank routing and account numbers were accessed. UoPX detected the intrusion after Clop posted the stolen files and is offering complimentary identity protection and a $1 million fraud reimbursement policy.

Coupang breach affects 33.7M users, raises data risks

🔒 Coupang disclosed a data breach impacting 33.7 million customer accounts, exposing names, phone numbers, email addresses, delivery address books and purchase histories. The company detected unusual activity on November 6, confirmed a breach on November 18 and publicly disclosed the incident on November 29; attackers had access from June 24 to November 8. A former employee who retained access keys is the prime suspect. The incident highlights gaps where non‑mandated data remained unencrypted and underscores the need for stronger voluntary protections.

Doublespeed Phone Farm Hacked, AI Ad Accounts Exposed

🔓 Doublespeed, a startup backed by Andreessen Horowitz (a16z), was breached, exposing its operation of hundreds of AI-generated social media accounts and a phone farm controlling more than 1,000 smartphones. The anonymous intruder said they reported a vulnerability to Doublespeed on October 31 and still have access to the company's backend, including the device fleet. The compromise reveals promoted products often lacked required advertising disclosures and raises concerns about platform abuse and regulatory compliance.

University of Sydney code repository breach exposes data

🔒 The University of Sydney reported unauthorized access to an online code repository that resulted in the theft of files containing personal information for more than 27,000 individuals. The breach affected current and former staff, students and alumni and included names, dates of birth, contact details and job information. The university says it detected the incident last week, blocked the access, notified regulators and launched support and notification processes for impacted people.

Unsecured MongoDB Exposes 4.3 Billion Records Online

🔒 Cybernews reports researchers found an unsecured 16 TB MongoDB instance exposing roughly 4.3 billion personal and professional records. The dataset included names, emails, phone numbers, LinkedIn profile details, employment history, education, social accounts and profile images — data consistent with large-scale LinkedIn scraping. The operator secured the database two days after discovery on 25 November 2025, but ownership and the full exposure window remain unknown.

France Arrests Suspect Linked to Interior Ministry Hack

🔒 French authorities arrested a 22-year-old on December 17, 2025, in connection with a cyberattack that breached the Ministry of the Interior's internal email servers earlier in the month. The suspect, born in 2003 and previously convicted for similar offenses in 2025, faces charges of unauthorized access to an automated personal data processing system as part of an organized group, punishable by up to 10 years' imprisonment. Investigations involve the Paris cybercrime unit and OFAC, and officials said a further statement will follow after police custody.

LKQ Confirms Oracle E-Business Suite Data Breach with SSNs

🔒 LKQ has confirmed a cyber-attack targeting its Oracle E-Business Suite environment that exposed personal information for more than 9,070 individuals. The company reports the intrusion occurred on August 9 and was discovered on October 3, with a detailed data analysis finalised on December 1 and notifications sent on December 15. Compromised items include LKQ Employer Identification Numbers and Social Security numbers; LKQ took the EBS environment offline, engaged an external forensic firm, and is offering two years of complimentary credit monitoring and identity restoration through Cyberscout (a TransUnion company). LKQ says it has implemented additional safeguards, strengthened security monitoring, and reinforced policies and controls.

5.8M Customers Exposed in 700Credit API Data Breach

🔒 700Credit, a Michigan fintech serving more than 20,000 car dealerships, disclosed a breach affecting 5.8 million customers. The company said a misconfigured API allowed unauthorized copying of records between May and October, exposing names, addresses and Social Security numbers. After discovering the incident on October 25, 700Credit engaged cybersecurity experts, who found activity limited to the 700Dealer.com application layer and reported no evidence of identity theft. Affected individuals are being offered 12 months of TransUnion identity protection and credit monitoring at no cost.