All news with #data breach tag

🤖 AI companion apps can feel intimate and conversational, but many collect, retain, and sometimes inadvertently expose highly sensitive information. Recent breaches — including a misconfigured Kafka broker that leaked hundreds of thousands of photos and millions of private conversations — underline real dangers. Users should avoid sharing personal, financial or intimate material, enable two-factor authentication, review privacy policies, and opt out of data retention or training when possible. Parents should supervise teen use and insist on robust age verification and moderation.

📰 Jaguar Land Rover reported a cyberattack cost of £196 million ($220 million) for the July–September quarter after the incident forced production shutdowns and staff to be sent home. The breach, announced on 2 September 2025, involved confirmed data theft and was claimed on Telegram by the group Scattered Lapsus$ Hunters. Following a UK government-backed £1.5 billion loan guarantee, JLR says operations, wholesale and supplier financing have been restored and production has resumed under a phased restart.

🚨 Logitech International S.A. confirmed a data breach claimed by the extortion gang Clop and disclosed the incident in a Form 8‑K filing with the U.S. SEC. The company says data was exfiltrated but that the incident has not impacted its products, business operations, or manufacturing, and that highly sensitive fields such as national ID numbers and credit card data were not stored or accessed. Logitech engaged external cybersecurity firms, attributes the intrusion to a third‑party zero‑day that was patched, and Clop has posted nearly 1.8 TB of alleged stolen data.

🔒 Checkout.com confirmed that the criminal group ShinyHunters accessed a legacy third-party cloud file storage system used in 2020 and earlier and is attempting to extort the company. The exposed materials reportedly include merchant onboarding documents and internal operational files, and Checkout estimates the data affects less than 25% of its current merchant base while also touching former customers. Rather than paying, the firm said it will donate the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Center and invest in strengthening its security.

🔔 DoorDash disclosed a data breach discovered on October 25, 2025, after an unauthorized third party gained access to certain user contact information when a DoorDash employee fell victim to a social engineering scam. Affected information varied by individual and may have included first and last names, physical addresses, phone numbers, and email addresses. DoorDash says no Social Security Numbers or other highly sensitive data were accessed, and the company engaged a forensic firm, notified law enforcement, and deployed additional security measures. Initial notifications appear focused on Canada, though the advisory suggests the incident could affect users in other regions.

🔔 DoorDash disclosed an October data breach after an employee fell for a social engineering scam, allowing an unauthorized third party to access certain user contact information. Notified users were told exposed data varied by person and could include names, physical addresses, phone numbers and email addresses; the company said Social Security Numbers were not accessed. DoorDash said it shut off access, engaged a forensic firm, notified law enforcement, and warned users to watch for phishing; affected users can call a helpline and cite reference code B155060.

🔒 The Washington Post says a zero-day in Oracle E-Business Suite was used to access parts of its network, exposing personal and financial records for 9,720 employees and contractors. The intrusion occurred between July 10 and August 22, and attackers attempted extortion in late September. The activity has been tied to the Clop group exploiting CVE-2025-61884, and impacted individuals are being offered 12 months of identity protection and advised to consider credit freezes.

🔐 Password managers centralize credentials but are attractive targets for attackers who exploit phishing, malware, vendor breaches, fake apps and software vulnerabilities. Recent incidents — including a 2022 LastPass compromise and an ESET‑reported North Korean campaign — demonstrate how adversaries can exfiltrate vault data or trick users into surrendering master passwords. To reduce risk, use a long unique master passphrase, enable 2FA, keep software and browsers updated, install reputable endpoint security, and only download official apps from trusted stores.

🔔 Synnovis has begun notifying its NHS customers and affected data controllers about the volume of patient information compromised in a June 2024 ransomware attack. The incident, attributed to a Qilin affiliate, saw roughly 400GB of data published and caused widespread disruption to blood services, cancelled appointments and at least one reported death. Synnovis said notifications will be completed by 21 November, citing the 'exceptional scale and complexity' of an unstructured and fragmented dataset, a delay that has drawn sharp criticism from security experts.

🔒 GlobalLogic has notified 10,471 current and former employees that their data was exposed after a zero-day in Oracle E-Business Suite (EBS) was exploited in early October 2025. The company says it patched the vulnerability after confirming data exfiltration on 9 October. Stolen records reportedly include HR and payroll details such as names, dates of birth, passport numbers, salary, bank account and routing numbers, creating a high risk of follow-on phishing and identity fraud. GlobalLogic did not confirm contact by the extortion group, while security firms link the incident to Cl0p, which has targeted dozens of organizations including Harvard and Envoy Air.

🔒 Miniatur Wunderland Hamburg has notified visitors of a data protection incident after detecting a compromise of its online ticket order page. The museum warns unauthorized parties may have accessed full credit card details, including cardholder name, card number, expiration date and CVV, for purchases between 6 June and 29 October 2025. The implicated server was isolated immediately and the museum says investigations are ongoing, but it has not disclosed further technical details or attacker identity.

🔒 Synnovis has notified NHS organisations that a June 2024 ransomware incident resulted in the theft of patient data, including names, NHS numbers, dates of birth, and some test results. The company says the exfiltrated files were unstructured and fragmented, requiring specialist analysis to reassemble. Synnovis confirmed no ransom was paid, is coordinating notifications with affected trusts and expects to complete notifications by 21 November 2025. The incident has been linked to the Qilin ransomware operation.

🔒 GlobalLogic is notifying 10,471 current and former employees that personal data was stolen after attackers exploited an Oracle E-Business Suite zero-day. The compromised HR information includes names, contact details, birthdates, passport and tax identifiers, salary and bank account information. The incident aligns with a wider extortion campaign linked to the Clop ransomware group exploiting CVE-2025-61882.

🔒 The proliferation of age and identity verification laws is forcing organizations to retain sensitive government-issued IDs, increasing breach risk. A recent Discord incident exposed ID images via a compromised third-party provider, showing how regulatory mandates can create high-value data stores. The article advises that MSPs and affected organizations adopt natively integrated platforms and a single-agent, single-console approach to reduce attack surface, simplify operations and centralize visibility to mitigate these new risks.

🔐 The article outlines how everyday credential reuse and phishing feed a persistent compromise lifecycle: credentials are created, stolen, aggregated, tested, and ultimately exploited. It details common vectors — phishing, credential stuffing, third-party breaches, and leaked API keys — and describes criminal marketplaces, botnets, opportunistic fraudsters, and organized crime as distinct actors. Consequences include account takeover, lateral movement, data theft, resource abuse, and ransomware, and the piece urges immediate action such as scanning for leaked credentials with tools like Outpost24's Credential Checker.

🔒 The U.S. Congressional Budget Office confirmed a cybersecurity incident after a suspected foreign hacker breached its network. The agency says it acted quickly to contain the intrusion, implemented additional monitoring and new security controls, and is investigating the scope of the compromise. Officials warned that emails and exchanges between CBO analysts and congressional offices may have been exposed, prompting some offices to halt communications with the agency.

🔐 Nikkei confirmed a breach of employee Slack accounts that may have exposed names, email addresses and chat histories for 17,368 registered users. The company says malware on an employee’s personal computer stole Slack authentication credentials and session tokens, enabling unauthorized access. The incident was identified in September; Nikkei implemented password changes and voluntarily reported the matter to Japan’s Personal Information Protection Commission. No reporting-source leaks have been confirmed.

🔒 South Korean police uncovered a criminal network that used a malicious app to steal customer data from massage parlours and extort clients. The group tricked nine business owners into installing software that exfiltrated names, phone numbers, call logs and text messages, then sent threatening messages claiming to have video footage. About 36 victims paid between 1.5M and 47M KRW, with attempted extortion near 200M KRW. Authorities traced activity to January 2022 across Seoul, Gyeonggi and Daegu and made arrests in August 2023.

🔒 Nikkei disclosed that unauthorized actors used malware to infect an employee’s computer, obtain Slack credentials, and access accounts on the company's Slack workspace. The firm reports that data for possibly more than 17,000 employees and business partners — including names, email addresses and chat logs — may have been stolen. Nikkei discovered the incident in September and implemented password resets and other remediation measures. The company said there's no confirmation that sources or journalistic activities were affected.

🔍 Authorities across three continents executed coordinated raids and arrests in a probe that uncovered an organized fraud network accused of using stolen credit‑card data to create over 19 million fake subscriptions and siphon more than €300 million. Investigators say suspects exploited vulnerabilities at multiple payment service providers, operated hundreds of sham websites offering porn, dating and streaming services, and used small recurring charges with opaque descriptions to avoid detection. The operation, named Operation Chargeback, was halted in 2021 and is the focus of ongoing international legal assistance.