Tag: breach
-
UK council faces data breach claim after mishandling trans complaints
Confidential complainant details passed to local politician following debate First seen on theregister.com Jump to article: www.theregister.com/2026/02/22/cornwall_council_complaints_breach/
-
In 2026, Businesses Should Be Breach Ready and Never Shut Down Their Core Business
“We do not know how long this situation may last. As a precaution, all of our IT systems have been taken down, and a risk assessment will be conducted before we bring things back up.” Vice Chancellor LouAnn Woodward of the University of Mississippi Medical Center uttered these words standing before cameras on Thursday, February……
-
PayPal discloses extended data leak linked to Loan App glitch
PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug in its PayPal Working Capital loan app. The flaw exposed sensitive customer information, including customers’ business contact details (name, email, phone number, address), along…
-
Cashing Out: ATM Jackpotting Attacks Surging Across US
$20M Stolen Last Year in Malware-Driven Jackpotting Attacks, Warns FBI. Malware-wielding criminals jackpotted ATMs across the United States last year to walk away with $20 million thanks to cash-out attacks. Tracking that collective haul, the FBI said such attacks are on the rise, and urged operators to implement a range of physical and hardware-level defenses.…
-
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s “dynamic objects” feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze. Key takeaways The threat: Dynamic objects self-delete without leaving any traces, or “tombstones” in AD…
-
Data breach at French bank registry impacts 1.2 million accounts
The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-french-bank-registry-impacts-12-million-accounts/
-
PayPal Data Breach 6 Months of Users’ Data Leaked Online
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly six months due to a software error in its PayPal Working Capital (PPWC) loan application. The exposure, which affected business contact details combined with highly sensitive personal data, lasted from…
-
North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.
A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrainian national, has been sentenced to five years in a U.S. prison for supporting North Korea’s fraudulent IT worker scheme. Didenko admitted stealing U.S.…
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
Why Most Breaches Happen After Launch: SaaS Security Testing Best Practices
As SaaS platforms expand in complexity, security cannot stop at deployment. Post-launch environments introduce new integrations, user access changes, and configuration updates that significantly increase risk exposure. Without continuous validation and monitoring, vulnerabilities can quietly develop into major breaches. A structured and ongoing security strategy, supported by experts like StrongBox IT, helps organisations reduce these……
-
Hackers breach contractor linked to Ukraine’s central bank collectible coin store
The National Bank of Ukraine announced that attackers may have gained access to users’ personal data, including names, phone numbers, email addresses and delivery addresses, in a recent cyberattack. First seen on therecord.media Jump to article: therecord.media/hackers-breach-ukraine-national-bank-contractor
-
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/
-
What the Nike Breach Teaches Us About the Microsegmentation Imperative of Integrating with EDR
At 14:37 UTC on January 22, 2026, Nike appeared on WorldLeaks’ Tor-based leak site. The countdown timer showed 48 hours until 1.4 terabytes, 188,347 files, would be dumped onto the dark web for anyone to download. Included in the trove of files are assets from Nike’s research and development (R&D) and product creation… First seen…
-
FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/
-
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Two petabytes, or two quadrillion bytes of information, has been stolen from Israelis in recent years, according to Yossi Karadi, head of the Israel National Cyber Directorate (INCD). Speaking to The Jerusalem Post, Karadi described the scope of the Israel data breach incidents as unprecedented. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/israel-data-breach-incd-head/
-
Ukrainian gets 5 years for helping North Koreans infiltrate US firms
A Ukrainian national was sentenced to five years in prison for providing North Korean IT workers with stolen identities that helped them infiltrate U.S. companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-gets-5-years-for-helping-north-koreans-infiltrate-us-firms/
-
Ukrainian sentenced to 5 years in prison for facilitating North Korean remote worker scheme
Oleksandr Didenko ran laptop farms and provided forged or stolen identities to North Korean operatives who gained remote employment at 40 U.S. businesses. First seen on cyberscoop.com Jump to article: cyberscoop.com/doj-ukrainian-north-korea-remote-worker-scheme-facilitator-sentenced/
-
FBI says ATM ‘jackpotting’ attacks are on the rise, and netting hackers millions in stolen cash
The FBI says hacks that trick ATMs into spitting out cash on demand are rising, with hundreds of attacks in the past year alone netting hackers millions in stolen bills. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/fbi-says-atm-jackpotting-attacks-are-on-the-rise-and-netting-hackers-millions-in-stolen-cash/
-
Researchers warn Volt Typhoon still embedded in US utilities and some breaches may never be found
Dragos’s Rob Lee said Volt Typhoon is “still very active, and they’re still absolutely mapping out and getting into embedding in U.S. infrastructure, as well as across our allies.” First seen on therecord.media Jump to article: therecord.media/researchers-warn-volt-typhoon-still-active-critical-infrastructure
-
Breach Roundup: Cambodia Scam Center Crackdown
Also: EU Bans AI Tools, Notepad++ Secures Updater, Apple Patches iOS Zero-Day. This week, Cambodia shuttered 200 scam centers. EU Parliament banned AI tools. Canada Goose disputed a ShinyHunters leak. Notepad++ patched an updater flaw. Apple fixed a decades-old iOS zero-day. BeyondTrust and Dell patched critical flaws under active exploitation. First seen on govinfosecurity.com Jump…
-
Threat groups use AI to speed up and scale cyberattacks
A report from Palo Alto Networks finds hackers are increasingly using stolen identities and exploiting critical vulnerabilities within minutes of disclosure. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-ai-speed-scale-cyberattacks/812439/
-
Attackers breach France’s national bank account database
A spokesperson for the French government said potentially 1.2 million accounts were impacted by the incident. First seen on therecord.media Jump to article: therecord.media/attackers-breach-france-national-bank-account-database
-
How infostealers turn stolen credentials into real identities
Infostealer dumps increasingly tie stolen credentials to real identities, linking usernames, cookies, and behavior across personal and enterprise accounts. Specops explains how analyzing 90,000 dumps shows reuse fuels enterprise risk and how continuous AD scanning disrupts that cycle. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-infostealers-turn-stolen-credentials-into-real-identities/
-
Data on 1.2 million French bank accounts accessed in registry breach
In late January 2026, a malicious intruder accessed France’s national bank account registry, FICOBA, enabling them to view information tied to 1.2 million accounts, the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/ficoba-data-breach-bank-accounts/
-
Adidas investigates alleged data breach affecting 815,000 records
Adidas confirmed it is investigating a possible data breach involving one of its third-party customer service providers. The company stated that there is no indication its IT … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/adidas-third-party-data-breach-investigation/
-
Adidas investigates third-party data breach after criminals claim they pwned the sportswear giant
‘Potential data protection incident’ at an ‘independent licensing partner,’ we’re told First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/adidas_investigates_thirdparty_data_breach/
-
French Ministry confirms data access to 1.2 Million bank accounts
A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts using stolen credentials belonging to a government official, according to the French Economy Ministry. French authorities said affected account holders will be notified in the…