< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 18 of 40

France Fines Free Mobile €42M Over 2024 Data Breach

🔒 The French data protection authority, CNIL, fined Free Mobile and parent company Free a combined €42 million for insufficient protection of customer data after an October 2024 breach that exposed information of nearly 23 million subscribers. CNIL cited weak VPN authentication, poor detection of abnormal activity, delayed notifications, and excessive data retention. The companies must complete security fixes and perform mandated data clean-up within required deadlines.
read more →

Pax8 Email Error Exposes MSP and Microsoft Licensing Data

⚠️ Pax8 confirmed it mistakenly emailed a CSV attachment on January 13 that contained internal pricing and Microsoft licensing data to fewer than 40 UK-based partners. Recipients reported the file listed about 56,000 entries covering roughly 1,800 partners, with fields including partner and customer IDs, SKUs, license counts, renewal dates, and booking details. Pax8 asked recipients to delete the message, required deletion confirmations, and said it launched an internal review. The company maintains the file did not contain personally identifiable information and that marketplace availability and security controls were not affected.
read more →

Victorian Education Department Notifies Parents of Data Breach

🔒The Victorian Department of Education has notified parents that an unauthorized third party accessed a database containing student names, school names, year levels and school-issued email addresses, along with encrypted passwords for accounts that use those emails. The department said more sensitive fields such as birth dates, home addresses and phone numbers were not exposed. All student passwords have been reset and access to school accounts is blocked until new credentials are issued; VCE students will be prioritised. Authorities say they removed the attack vector and have not found evidence the data was publicly released or shared, and further updates will be provided.
read more →

Monroe University breach: 320,973 records exposed nationwide

🔒 Monroe University disclosed that threat actors accessed its network from December 9 to December 23, 2024, and stole personal, financial, and health information affecting 320,973 people. The university said stolen records may include names, dates of birth, Social Security numbers, government IDs, medical and insurance data, account usernames, passwords, and financial account information. Notifications began January 2 and affected individuals were offered one year of free credit monitoring through Cyberscout; the incident follows prior ransomware attacks and broader targeting of higher education institutions.
read more →

Central Maine Healthcare breach exposes data of 145,381

🛡️ Central Maine Healthcare disclosed a security incident after discovering unauthorized access to its systems between March 19 and June 1, 2025. The investigation, completed on November 6, 2025, determined that 145,381 individuals — including patients and current or former employees — may have had sensitive information exposed. Exposed data types vary by person and can include full names, dates of birth, treatment and service details, provider names, health insurance information, and Social Security Numbers. CMH has begun notifying affected individuals, is offering free credit monitoring, and has set up a dedicated patient support line to answer questions and accept reports of potential data misuse.
read more →

Betterment Confirms Data Breach After Crypto Scam Emails

🔒 Betterment confirmed a breach after an attacker used a third-party marketing platform to send fraudulent crypto reward emails to a subset of customers on January 9. The messages, sent from the legitimate subdomain address 'support@e.betterment.com', claimed to triple Bitcoin and Ethereum deposits and included wallet addresses and large deposit deadlines. The actor accessed customer contact data (names, emails, physical addresses, phone numbers, dates of birth) but did not access customer accounts or expose account credentials. Betterment removed the unauthorized access, warned customers, and said it will publish a post-mortem while strengthening defenses against social engineering.
read more →

Target employees confirm leaked source code is authentic

🔒 Multiple current and former Target employees confirmed that source code and documentation shared by a threat actor match the company's internal systems. The leaked sample contains real system names (e.g., BigRED, TAP [Provisioning]), proprietary codenames and tooling references, including Vela-based CI/CD and JFrog Artifactory. Target enacted an "accelerated" change restricting access to its on-prem Git server to the corporate network and VPN after the disclosure.
read more →

Target employees confirm leaked code after Git lockdown

🔒 Multiple current and former Target employees told BleepingComputer that a sample of source code and documentation published by a threat actor matches real internal systems. A screenshot of company-wide Slack shows an "accelerated" security change effective January 9, 2026, restricting access to git.target.com to Target-managed networks or VPN. The 14MB sample contains internal names like "BigRED" and "TAP" and references to Vela, Hadoop datasets, and JFrog Artifactory. The threat actor claims a full archive of ~860GB; the root cause remains under investigation.
read more →

When Your Personal Data Appears on the Dark Web - What to Do

🔒 If you learn your personal or financial data is on the dark web, act quickly: cybercriminals use stolen PII, credentials, session cookies and payment details to commit account takeover, identity theft and fraud. Immediately change compromised passwords, enable MFA (prefer authenticator apps or hardware keys), sign out of all devices, scan for infostealer malware and contact your bank to freeze or reissue cards. For longer-term protection, freeze credit, tighten privacy settings, use email aliasing and a password manager, and enroll in monitoring services such as HaveIBeenPwned.
read more →

BreachForums user database leaked, exposing 323,986 records

🔓 On January 9, 2026, a database containing 323,986 BreachForums user records was published on a site named after the ShinyHunters gang, exposing usernames, email addresses, password hashes and IP addresses. The leak was accompanied by a roughly 4,400‑word manifesto from someone calling themselves "James", who names alleged cybercriminals and claims responsibility. The provenance and motive remain unclear, though the dump could provide law enforcement with investigative leads and highlights the limits of perceived anonymity on criminal forums.
read more →

BreachForums Database Leak Exposes 324K Criminal Users

🔓 A leaked MySQL archive containing 323,986 BreachForums user records surfaced in January, revealing hashed passwords, private messages, forum posts, and registration metadata. Security firm Resecurity reported the leak also included a password-protected PGP private key and a 4,400-word manifesto titled 'Doomsday' attributed to an individual calling themselves James. Have I Been Pwned traced the breach to August, months before multiple law enforcement takedowns and arrests weakened the platform's ecosystem. Observers say the exposure further erodes trust in large public crime forums and may push sophisticated actors to smaller, invite-only communities.
read more →

University of Hawaii Cancer Center Hit by Ransomware

🔒 The University of Hawaii System says a ransomware gang breached a single research project at the UH Cancer Center on August 31, 2025, and exfiltrated study data that included historical files containing Social Security numbers. Upon discovery, affected systems were disconnected, external cybersecurity experts were engaged, and the university said it negotiated with the threat actors to secure a decryption tool. UH reported arranging for the secure destruction of the illegally obtained data and said it will notify individuals once contact information is confirmed. The institution has installed endpoint protection, replaced compromised systems, reset credentials, updated firewall software, and initiated third-party security audits.
read more →

Target's Dev Git Server Offline After Source Code Claims

🔒 Target is investigating claims that an unknown threat actor published samples of internal source code on public Gitea repositories and is advertising a larger dataset for sale. The posted sample included a SALE.MD index listing roughly 57,000 lines and an estimated archive size of ~860 GB. After BleepingComputer alerted Target, the sample repos were removed and the retailer's developer Git server at git.target.com became inaccessible externally. Commit metadata and repository structure suggest the material may have originated from private internal infrastructure.
read more →

Endesa Reports Customer Data Breach Exposing Contracts

🔒 Spanish energy provider Endesa and its operator Energía XXI disclosed unauthorized access to their commercial platform that exposed customer contract-related data. The company says the intruder accessed basic identification, contact details, national ID numbers (DNI), contract records, and payment information such as IBANs, while account passwords were not affected. Endesa says it blocked compromised internal accounts, preserved logs for forensic analysis, notified relevant authorities including the Spanish Data Protection Agency, and increased monitoring. Threat actors claim to be offering roughly 1TB of SQL data—allegedly ~20 million records—for sale; the investigation is ongoing and affected customers are being notified.
read more →

BreachForums Database Leak Exposes Forum User Records

🔓 A leaked SQL database tied to the BreachForums dark-web forum was published by a site associated with the ShinyHunters collective, according to Resecurity. The archive reportedly contains meta-data for 323,986 MyBB users, including usernames and IP addresses, though some IPs appear sanitized or set to loopback values. Resecurity warns that copies from other sources may be booby-trapped and recommends obtaining the dataset from its site.
read more →

Instagram Denies Breach After 17M Account Data Leak Claims

🔐 Meta says it patched a bug that allowed an external party to mass-request Instagram password reset emails and denies any systems breach after claims that data from more than 17 million accounts was posted online. Malwarebytes warned customers of a 17.5M-account dump containing phone numbers, emails, addresses and Instagram IDs, though not every record includes all fields. Meta told reporters it is not aware of an API incident in 2022 or 2024, and Instagram accounts remain secure. Users should ignore unsolicited reset emails, enable two-factor authentication, and stay alert to phishing and smishing attempts.
read more →

California Bars Data Broker from Reselling Health Data

🛑 The California Privacy Protection Agency ordered Rickenbacher Data LLC, operating as Datamasters, to stop selling Californians' health and personal information and fined the firm $45,000 for failing to register as a data broker under the California Delete Act. Regulators found Datamasters bought and resold hundreds of millions of records—names, emails, addresses and phone numbers—targeting people by medical conditions, age, perceived race, political views and purchases. The agency ordered deletion of previously acquired California records by the end of December, requires any newly received Californian data to be purged within 24 hours, and imposed five years of compliance measures; CalPrivacy also fined S&P Global $62,600 for an administrative registration lapse.
read more →

BreachForums User Database Leak Exposes 324,000 Accounts

🔐 A backup of the BreachForums MyBB users table and an associated PGP key were published in a 7Zip archive, exposing 323,988 account records and administrator key material. The leaked archive includes a databoose.sql users table and a passphrase-protected PGP private key; without the passphrase the key cannot be used to sign messages. Analysis found most IPs were set to a local loopback (127.0.0.9), but roughly 70,296 records map to public IPs, creating OPSEC risks for affected users and potential intelligence value for law enforcement. The forum administrator acknowledged the leak, saying the files were temporarily left in an unsecured folder during recovery and recommending disposable email addresses for members.
read more →

IDHS Privacy Misconfiguration Exposes Data of 700K Residents

🔒 The Illinois Department of Human Services (IDHS) said that misconfigured privacy settings on a public mapping website exposed personal and health-related information for nearly 700,000 residents. Maps intended for internal resource planning were publicly accessible for years, revealing addresses, case numbers, demographics, and plan names for many Medicaid and Medicare Savings Program recipients, and additional identifying details for some rehabilitation services customers. IDHS restricted access, reviewed exposed maps, blocked future uploads of identifiable customer data to public mapping platforms, and has notified affected individuals and regulators.
read more →

pcTattletale Founder Pleads Guilty in Stalkerware Case

🔒 The founder of surveillance company pcTattletale pleaded guilty on January 6 to federal charges including computer hacking, conspiracy, and unlawful advertising of surveillance software. Fleming openly promoted the product on YouTube as a way to 'catch a cheater' and touted it as '100% Undetectable.' A May 2024 data breach that exposed more than 138,000 customer accounts precipitated the service shutdown. Sentencing is scheduled for April 3, 2026.
read more →