Tag: breach
-
Maine Shuts Down Breach Reporting Portal Following Fake VRChat and Discord Submissions
The Office of the Maine Attorney General has temporarily taken its public data breach reporting portal offline following the discovery of fraudulent submissions falsely claiming security incidents at VRChat and Discord. The incident, disclosed in an official statement on June 12, 2026, highlights growing concerns over the integrity and potential abuse of publicly accessible breach…
-
How Security Debt Can Accumulate Faster Than Technical Debt
Security debt sounds like a tidy metaphor until the first breach turns it into a billing department with teeth. Technical debt behaves like clutter. Code gets ugly, builds slow down, developers complain, and deadlines wobble. Security debt behaves like contagion. One weak credential policy, one forgotten admin panel, and one logging gap cause the system…
-
Novo Nordisk discloses data breach affecting patient and healthcare professional information
First seen on scworld.com Jump to article: www.scworld.com/brief/novo-nordisk-discloses-data-breach-affecting-patient-and-healthcare-professional-information
-
Kyushu Electric Power Co. reports data breach affecting over 10 million customers
First seen on scworld.com Jump to article: www.scworld.com/brief/kyushu-electric-power-co-reports-data-breach-affecting-over-10-million-customers
-
Ozempic Drug Maker Loses Clinical Trial Data in Hack
Novo Nordisk Breach Involved ‘Copying’ of Patient, Healthcare Provider Info. A hack on Danish pharmaceutical manufacturer Novo Nordisk has compromised some patients’ clinical trial information, the maker of popular weight loss and diabetes treatment drugs including Wegovy and Ozempic said. The company is working to bring affected IT systems back online. First seen on govinfosecurity.com…
-
Maine disables data breach notification portal after fake disclosures
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state’s website, prompting a review of procedures to prevent abuse in the future. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/
-
Bankruptcy admin approves settlement fund of $47 million for 23andMe data breach victims
About 7 million customers of the genetics testing company had their data stolen by hackers starting in April 2023, and many had their information posted on the dark web. First seen on therecord.media Jump to article: therecord.media/bankruptcy-admin-approves-settlement-for-23andme-breach-victims
-
South Korea hits Coupang with record $409 million fine over data breach
The penalty is the largest ever issued by the commission for a personal data breach, surpassing the record 134.8 billion won ($88.8 million) fine levied against SK Telecom earlier this year. First seen on therecord.media Jump to article: therecord.media/south-korea-data-breach-record-fine-coupang
-
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/
-
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-dayShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…
-
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-dayShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…
-
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world’s largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pharmaceutical-giant-novo-nordisk-discloses-security-breach/
-
Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-govt-says-tchap-breach-affected-over-73-000-accounts/
-
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine’s official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/
-
South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling
South Korea fined Coupang $409 million after regulators said weak security controls led to a massive breach affecting 37.5 million accounts. The post South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-coupang-record-fine-409m-apac-south-korea/
-
France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed
Meta description: French officials are investigating a Tchap breach after an attacker claimed that 650,000 messages and 73,000 accounts were exposed via a hijacked account. The post France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-tchap-breach-emea-france/
-
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest.Google’s Mandiant attributes it to the group it tracks as UNC6240, and dates the activity between May 27 and June 9. Oracle did not publish its…
-
Oracle warns of security bug that hackers abused to breach 100+ companies
The tech giant warned of a security flaw that a cybercrime gang said it’s exploiting as part of a mass-hacking campaign. Google said it notified more than 100 organizations that had potentially vulnerable servers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/11/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies/
-
Breach Roundup: CISA Says Agencies Should ‘Patch Smarter’
Also, France Probes Tchap Breach, M&S Cancels Bonuses, June Patch Tuesday. This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court. Microsoft warned of AI-themed attacks. M&S canceled bonuses. France probed a Tchap breach. NHS trusts disclosed stolen data and a Telegram campaign targeted Russian troops. First…
-
South Korea hits Coupang with $400M+ fine for data breach that affected millions
South Korean authorities issued the record-breaking fine following a data breach that affected over 30 million customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/11/south-korea-hits-coupang-with-400m-fine-for-data-breach-that-affected-millions/
-
South Korea hits Coupang with $400M+ fine for data breach that affected millions
South Korean authorities issued the record-breaking fine following a data breach that affected over 30 million customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/11/south-korea-hits-coupang-with-400m-fine-for-data-breach-that-affected-millions/
-
The Hidden Security Risks of Poor Software Testing
Poor Software Testing can expose hidden flaws, vulnerable dependencies and weak controls, increasing breach risks, downtime and costly fixes after release. First seen on hackread.com Jump to article: hackread.com/the-hidden-security-risks-of-poor-software-testing/
-
Coupang hit with record $409 million data breach fine in Korea
The Personal Information Protection Commission (PIPC), South Korea’s data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/south-korea-hits-coupang-with-record-409-million-fine-over-data-breach/
-
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/extortion-only-attacks-surge/
-
Cybercriminals Exploit Chinese Guarantee Markets to Sell Stolen Credentials
Chinese-language “guarantee” marketplaces hosted mainly on Telegram have become a core conduit for buying, selling, and laundering stolen credentials and a wide range of criminal services. These platforms modeled explicitly on consumer escrow systems such as Alipay’s æ‹…ä¿äº¤æ˜“ (dÄnbÇŽo jiÄoyì) operate as third-party guarantors: the marketplace operator holds buyer funds in escrow, releases them only…
-
Nottingham University data breach affects over 450,000 students
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nottingham-university-data-breach-affects-over-450-000-students/
-
Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
The ShinyHunters hacking gang claims to have compromised the Oracle PeopleSoft servers of more than 100 organizations, including many universities. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/10/cybercriminals-claim-breach-of-oracle-peoplesoft-servers-at-100-plus-organizations/
-
Maine Govt Portal Lists 10M Discord Data Breach Notice, But Filing Shows Red Flags
Maine Attorney General portal lists a Discord breach notice claiming 10 million affected, but odd filing details leave it unverified and questionable. First seen on hackread.com Jump to article: hackread.com/maine-govt-portal-discord-data-breach-notice/
-
French govt messaging service breached in account hijacking attack
DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government’s encrypted messaging platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-govt-messaging-service-breached-in-account-hijacking-attack/