{{ author.auto_description }}| DataBreaches.Net
{{ author.auto_description }}| DataBreaches.Net
{{ author.auto_description }}| DataBreaches.Net
{{ author.auto_description }}| DataBreaches.Net
It looks like ShinyHunters and Scattered Spider have found yet another way to compromise Salesforce customers. Lawrence Abrams reports: Hackers breached sales a| DataBreaches.Net
Brian Hamrick reports: West Chester Township is dealing with the fallout of a second cyber-attack this month. On Tuesday morning, cyber attackers the township c| DataBreaches.Net
Jon Brodkin reports: A Social Security Administration (SSA) official alleged in a whistleblower disclosure that DOGE officials created "a live copy of the coun| DataBreaches.Net
Kosher Israeli internet provider, Internet Rimon, which provides Internet filtering services for the religious and haredi sectors, was hacked by an Iranian cybe| DataBreaches.Net
Tim Sigsworth, Fiona Parker, and Janet Eastham report: The Church of England is investigating claims it breached the personal data of almost 200 abuse survivo| DataBreaches.Net
Bill Toulas reports: French retailer Auchan is informing that some sensitive data associated with loyalty accounts of several hundred thousand of its customers| DataBreaches.Net
Category: Non-U.S.| DataBreaches.Net
Category: Legislation| DataBreaches.Net
Sarah Sinclair reports: A UK medical cannabis clinic is carrying out investigations after a substantial amount of patients’ information was leaked in a major da| DataBreaches.Net
Statement from Orange Belgium S.A . on August 20 2025: At the end of July, Orange Belgium detected a cyberattack on one of its IT systems, resulting in unauthor| DataBreaches.Net
Last week, it appeared that Clinical Diagnostics ("Eurofins") had paid a gang's demands not to leak patient data that Nova had exfiltrated during a ransomware a| DataBreaches.Net
DataBreaches is generally a great fan of state attorneys general taking enforcement action stemming from data breaches where the security was really subpar or t| DataBreaches.Net
The420.in reports: The Delhi Police have arrested 18 individuals for duping State Bank of India (SBI) credit card holders of nearly ₹2.6 crore [USD $296,630.45]| DataBreaches.Net
Serena Barker-Singh reports: Up to 3,700 Afghans brought to the UK between January and March 2024 have potentially been impacted as names, passport details and| DataBreaches.Net
On August 9, DataBreaches reported on a Telegram channel with a name that combined the names of three groups: ShinyHunters, Scattered Spider, and Lapsus$. At the time, DataBreaches noted: Commenters on reading the new Telegram channel call it “schizo,” “complete chaos,” and “insane.” DataBreaches would just call it “overwhelming.” Today, DataBreaches would just call it... Source| DataBreaches.Net
Divya reports: A series of critical security flaws in Intel’s internal web infrastructure exposed the personal details of more than 270,000 employees and potentially provided attackers with access to sensitive corporate and supplier information. The discoveries highlight severe weaknesses across multiple Intel-owned websites, raising broader concerns about the company’s handling of web application security. According... Source| DataBreaches.Net
Today’s post is a reminder that purging files is helpful, but remember to empty the recycle bin. A listing on WorldLeaks’ darkweb leak site yesterday claims that WorldLeaks acquired 1.5 TB of data from MPOWERHealth, comprising 1,622,547 files. MPOWERHealth describes itself as providing innovative healthcare solutions, specializing in Intraoperative Neuromonitoring (IONM), Surgical Assist, and Care... Source| DataBreaches.Net
In April, Noah Michael Urban pleaded guilty in a Florida courtroom to charges he had faced in two separate federal cases. Yesterday, he was sentenced in a Florida courtroom to ten years in prison and $13 million in restitution. In the Florida case, Urban, known online as “King Bob,” “Sosa,” “Elijah,” “Anthony Ramirez” and “Gustavo... Source| DataBreaches.Net
Ionut Arghire reports: Pharmaceutical company Inotiv has notified the US Securities and Exchange Commission (SEC) that its business operations took a hit after hackers compromised and encrypted its internal systems. The incident, the organization said in a Form 8-K filing, occurred on August 8, and prompted Inotiv to initiate containment and remediation processes. “The company’s preliminary... Source| DataBreaches.Net
Sarah Sinclair reports: A UK medical cannabis clinic is carrying out investigations after a substantial amount of patients’ information was leaked in a major data breach. In an email sent to patients on Monday 18 August, CB1 Medical confirmed it had identified a ‘data security incident’ when patients’ personal details, including prescription information, were found... Source| DataBreaches.Net
Statement from Orange Belgium S.A. on August 20 2025: At the end of July, Orange Belgium detected a cyberattack on one of its IT systems, resulting in unauthorised access to certain data from 850,000 customer accounts. No critical data was compromised: no passwords, email addresses, bank or financial details were hacked. However, the hacker gained... Source| DataBreaches.Net
DataBreaches is generally a great fan of state attorneys general taking enforcement action stemming from data breaches where the security was really subpar or the entity did not notify those affected in a reasonable amount of time. But two enforcement actions in New York have me wondering if the state has been a bit unfair... Source| DataBreaches.Net
Last week, it appeared that Clinical Diagnostics (“Eurofins”) had paid a gang’s demands not to leak patient data that Nova had exfiltrated during a ransomware attack in July. Clinical Diagnostics in the Netheralands held patient data on 485,000 Dutch women in a cervical cancer screening program. Nova confirmed the payment to a Dutch news outlet.... Source| DataBreaches.Net
In February 2020, DataBreaches reported that patients of Community Care Physicians in New York may have had their protected health information, date of birth, and insurance coverage exposed as a result of a ransomware attack by Maze Team at the Albany-based accounting firm BST & Co. CPAs. The incident was reported at the time to... Source| DataBreaches.Net
Month: May 2025| DataBreaches.Net
PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada| DataBreaches.Net
Premier Health Partners (“PHP”) in Ohio issued a press release this week and uploaded a substitute notice to its website. Why they first concluded an investigation into a breach they discovered on July 12, 2023 requires more explanation than they provide.| DataBreaches.Net
Adam Thorn reports:| DataBreaches.Net
Source: LinkedIn.comThere’s an update to a previously reported case involving a former employee of Ubiquiti Networks, although as is their policy, the DOJ does not name the victim firm:| DataBreaches.Net
Month: June 2025| databreaches.net
Episource, LLC, is a business associate that provides healthcare technology and solutions, specializing in medical coding, risk adjustment, and data analytics for health plans and providers. | DataBreaches.Net
There’s a follow-up to the Helsinki incident affecting hundreds of thousands of children and adults in 2024. The government has finished its investigation and published its findings and recommendations. From their press release:| DataBreaches.Net
The Connexion reports: A large-scale trial is opening in Lyon this week after the discovery of a major data leak at a French work agency Adecco that left 72,000| DataBreaches.Net
Maristel Policarpio, Sarah Pearl Camiling, and Sophia Nilette Robles write: A new ransomware-as-a-service (RaaS) group has emerged and has been making a name| DataBreaches.Net
Daniel Lopez reports: HealthEC LCC and its clients finally reached a settlement to resolve a class action data breach lawsuit involving a hacking incident and| DataBreaches.Net
Jonathan Greig reports: The U.S. State Department said they were seeking information on Iranian hackers who they accused of targeting critical infrastructure us| DataBreaches.Net
Update: And this is why we said “allegedly” and “unconfirmed.” CCC responded to yesterday’s inquiry with the following reply:| DataBreaches.Net
{{ author.auto_description }}| DataBreaches.Net
First it was Dior. Now it’s Tiffany & Co. Seok Nam-jun and Kim Mi-geon report:| DataBreaches.Net
From the Government of the Netherlands: More forms of espionage, such as digital and diaspora espionage, are to be a criminal offence from 15 May onwards. To ac| DataBreaches.Net
Lorenzo Franceschi-Bicchierai reports: More than a decade ago, researchers at antivirus company Kaspersky identified suspicious internet traffic of what they th| DataBreaches.Net
Nate Raymond reports: A Massachusetts man has agreed to plead guilty to hacking cloud-based education software provider PowerSchool and stealing data pertaining| DataBreaches.Net
