< ciso
brief />
Tag Banner

All news with #data breach tag

787 articles · page 31 of 40

ShinyHunters Leak Salesforce Data; Many Companies Exposed

🔓 An extortion group claiming affiliation with ShinyHunters, Scattered Spider, and Lapsus$ has launched a public data leak site listing 39 companies allegedly compromised via Salesforce breaches. The site publishes sample records and urges victims to pay before an October 10 deadline, while also demanding that Salesforce pay to prevent disclosure of roughly 1 billion records. The attackers say they used OAuth-based voice-phishing and stolen tokens to access customer data. Victims named include FedEx, Disney/Hulu, Google, Cisco, and many other major brands.
read more →

WestJet Data Breach Affects 1.2 Million Customers Update

🛫 WestJet has confirmed a data breach affecting 1.2 million customers following a June 13, 2025 intrusion, and notified authorities on September 29. The airline says a "sophisticated, criminal third party" accessed names, contact details, reservation documents and other relationship data; WestJet Rewards members may have had IDs and points balances exposed, though account passwords were not accessed. WestJet states that credit card numbers, expiry dates and CVVs were not compromised, systems are secure, affected customers are being contacted, and identity protection is being offered where appropriate.
read more →

Google, Mandiant Probe Extortion Claims Targeting Oracle EBS

📧 Google Mandiant and the Google Threat Intelligence Group report a new high-volume extortion campaign that claims stolen data from Oracle E-Business Suite. The operation began on or before September 29, 2025, uses hundreds of compromised accounts, and includes contact addresses verified on the Cl0p data leak site. Mandiant notes at least one sending account has ties to FIN11, a TA505 subset. Investigations are ongoing and organizations are urged to inspect for compromise.
read more →

Forrester Predicts Agentic AI Will Trigger 2026 Breach

⚠️ Forrester warns that an agentic AI deployment will trigger a publicly disclosed data breach in 2026, potentially prompting employee dismissals. Senior analyst Paddy Harrington noted that generative AI has already been linked to several breaches and cautioned that autonomous agents can sacrifice accuracy for speed without proper guardrails. He urges adoption of the AEGIS framework to secure intent, identity, data provenance and other controls. Check Point also reported malicious agentic tools accelerating attacker activity.
read more →

Red Hat Confirms Security Incident After GitHub Claims

🔒 An extortion group calling itself Crimson Collective claims to have exfiltrated nearly 570GB of compressed data from about 28,000 private GitHub repositories, including roughly 800 Customer Engagement Reports (CERs). Red Hat confirmed a security incident tied to its consulting business but would not validate the attackers’ specific claims, saying it has initiated remediation and sees no indication the issue affects its products or software supply chain. The group published directory listings and alleges finding authentication tokens and full database URIs that could be used to access downstream customer infrastructure.
read more →

Red Hat Confirms GitLab Breach Affecting Consulting

🔒 Red Hat confirmed a security incident after an extortion group calling itself the Crimson Collective claimed to have stolen nearly 570GB of compressed data from roughly 28,000 internal repositories in a GitLab instance used solely for consulting engagements. The group alleges the haul includes about 800 Customer Engagement Reports (CERs) that may contain infrastructure details, authentication tokens, and database URIs. Red Hat says it is remediating the issue, has not verified the attackers' specific claims, and believes its software supply chain and other services remain unaffected.
read more →

Ransomware Incident at Dealer Software Vendor Exposes Data

🔒 A ransomware attack on Motility Software Solutions on August 19, 2025, encrypted portions of its systems and may have exposed personal information for approximately 766,000 customers. The DMS vendor supports about 7,000 dealerships and stores data including names, emails, phone numbers, dates of birth, Social Security numbers, and driver’s license numbers. Motility restored systems from backups, implemented additional security measures, and is offering one year of identity monitoring through LifeLock to affected individuals.
read more →

WestJet breach exposes travel documents of 1.2M customers

🔒 WestJet confirmed a cybersecurity incident that exposed personal data for about 1.2 million customers, including passports and government IDs. Attackers used social engineering to reset an employee password and accessed the network via Citrix, later moving through Windows and Microsoft cloud systems. The airline said no card numbers, CVVs, expiry dates, or user passwords were compromised and has offered two years of identity protection while working with the FBI.
read more →

Allianz Life July Data Breach Affects Nearly 1.5 Million

🔐Allianz Life has completed its investigation into a July cyberattack and says 1,497,036 people were impacted. A malicious actor accessed a third-party cloud-based CRM on July 16, 2025, and obtained names, addresses, dates of birth, and Social Security numbers. While some reporting linked the intrusion to a Salesforce-targeted wave attributed to ShinyHunters, Allianz Life has not confirmed that attribution. Notified individuals are offered two years of free identity monitoring from Kroll and guidance to enable credit monitoring or consider freezing credit.
read more →

FTC Sues Sendit for Alleged Illegal Collection of Child Data

🔔 The FTC has filed a lawsuit against Iconic Hearts Holdings Inc., the operator of Sendit, and its CEO Hunter Rice, alleging unlawful collection of personal data from users under 13 and deceptive subscription practices. The complaint claims Sendit collected phone numbers, birthdates, photos, and social media usernames without parental consent, created fake anonymous messages (some deliberately provocative), and misrepresented a paid "Diamond Membership" while imposing recurring charges. The FTC has referred the matter to the Department of Justice; the allegations remain unproven.
read more →

WestJet Confirms Breach Exposed Customers' Passports

🔒 WestJet has confirmed that a cybersecurity incident disclosed on June 13 exposed sensitive customer information, including passports and other government IDs, according to a notification shared with U.S. authorities. The airline said an investigation completed on September 15 found impacted records varied by individual and could include full name, date of birth, mailing address, travel documents, loyalty program details, and certain card account information. WestJet emphasized that no credit or debit card numbers, expiry dates, CVV codes, or user passwords were compromised and is offering free two-year identity theft protection to affected customers. The company said the FBI is involved in the probe and that it is still working to determine the full scope of the incident.
read more →

Data Leak at Kido Kindergartens Exposes Children's Data

🚨 A ransomware group calling itself Randiant claims to have attacked UK childcare operator Kido, publishing names, photos, addresses and family contact details for ten children from one of Kido's London nurseries and threatening to release further data unless a ransom is paid. The attackers' leak page alleges data on more than 8,000 children was exfiltrated. Kido has not yet issued a public statement; London police say an investigation is ongoing. Kido also operates sites in the United States, India and China.
read more →

Asahi Suspends Japan Operations After Cyber Attack

🔒 Asahi has halted order, shipment and call center operations across its Japanese group companies after reporting a system failure caused by a cyber-attack in a September 29 press release. The company said the outage is confined to Japan, offered no estimated recovery timeline and apologized to customers and business partners. It also stated there has been no confirmed leakage of personal or customer data at this time, while security experts caution that positions on compromised data may change as investigations continue.
read more →

UK Convicts 'Bitcoin Queen' in £5.5B Cryptocurrency Seizure

🚨 The Metropolitan Police secured a conviction in what is believed to be the world's largest cryptocurrency seizure after Zhimin Qian (aka Yadi Zhang) pleaded guilty to acquiring and possessing criminal property under the Proceeds of Crime Act. Investigators say Qian ran a multibillion-yuan fraud in China that targeted over 128,000 victims and raised roughly 40 billion yuan before converting proceeds to Bitcoin. The Met seized 61,000 BTC, now valued at approximately £5.5 billion, following a cross-border probe and cooperation with Chinese authorities. An associate involved in laundering attempts was previously sentenced for their role.
read more →

Harrods Breach Exposes 430,000 E-commerce Customer Records

🔒 Harrods has confirmed a new data breach after a compromise at a third-party supplier exposed 430,000 e-commerce customer records. The disclosed information primarily comprises names, contact details and internal marketing tags, while account passwords, payment information and order histories were not included. The retailer says this incident is separate from the May attack attributed to Scattered Spider and that the threat actor has contacted them, apparently seeking extortion. Harrods has notified affected customers and authorities and urges vigilance against phishing and social engineering.
read more →

Harrods Supply Chain Breach Affects E-commerce Customers

🔒 Harrods has disclosed that some e-commerce customer data was stolen via a breach at a third-party provider, with the retailer notifying affected customers on Friday. The company says the exposed information is limited to basic personal identifiers such as names and contact details and does not include account passwords, payment details or order history. Harrods also said it was contacted by a threat actor but refused to engage, and that this incident is separate from attempts to access Harrods systems in May. Reports indicate as many as 430,000 customer records may have been impacted, in a broader environment of rising retail ransomware and supply-chain risk linked to groups such as Scattered Spider.
read more →

Public S3 Bucket Exposes 273k Indian Bank Transfers

🔓 UpGuard discovered a publicly accessible Amazon S3 bucket containing over 273,000 PDFs documenting individual bank transfers in India, many with unredacted account numbers, amounts, and personal contact details. Aye Finance was disproportionately represented in the sample, and researchers observed roughly 3,000 new files added daily before the bucket was secured following notifications to AyeFin, NPCI, and CERT‑IN. The exposure poses an immediate risk of large‑scale fraud and targeted abuse across dozens of banks.
read more →

Qantas Docking CEO Pay Signals Cyber Accountability Shift

🔒 Qantas' board docked CEO Vanessa Hudson and other executives after a June 30 cyber incident that exposed the personally identifiable information of nearly 6 million passengers, deducting A$800,000 from bonuses and cutting annual payouts by 15 percentage points. The move is being compared to high-profile past actions, such as Yahoo's 2017 bonus denial. Security leaders say the decision reflects a broader trend of boards and regulators holding top executives personally and financially accountable for cybersecurity failures.
read more →

Co-op Cyberattack Costs Group an Estimated £120 Million

🔒 In its latest half-year report the Co-operative Group said it expects to lose about £120 million in profits this financial year after a cyberattack forced temporary shutdowns of parts of its IT estate. The company reported that personal data for roughly 6.5 million members was stolen, prompting operational disruption across its supermarkets as well as its financial and funeral services. The identity of the attackers remains unclear and investigations are ongoing.
read more →

Mass Exposure of Indian Bank NACH Transfer PDFs Repository

🔓 UpGuard discovered a publicly accessible Amazon S3 bucket containing roughly 273,160 PDF documents formatted as NACH MANDATE records that documented bank transfers in India. The files exposed unredacted bank account numbers, transaction amounts and, in many cases, individuals’ names, phone numbers and email addresses. A 55K-file sample (~42 GB) showed 38 financial institutions represented, with AyeFin appearing in nearly 60% of sampled records. UpGuard notified AyeFin and NPCI, escalated to CERT‑IN when the bucket continued to grow, and verified the repository was secured on September 4.
read more →