Tag: breach
-
Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match
Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/match-group-breach-exposes-data-from-hinge-tinder-okcupid-and-match/
-
Data Breaches in America Hit All-Time Record High in 2025
Identity Theft Resource Center Catalogs 3,322 Known US Incidents in 2025. The number of U.S. organizations that reported falling victim to a data breach in 2025 reached an all-time high, while the number of notifications they sent to affected consumers fell sharply, reports the Identity Theft Resource Center’s latest annual breach roundup. First seen on…
-
Marquis blames ransomware breach on SonicWall cloud backup hack
Marquis Software Solutions, a Texas-based financial services provider, is blaming a ransomware attack that impacted its systems and affected dozens of U.S. banks and credit unions in August 2025 on a security breach reported by SonicWall a month later. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/
-
The Agentic AI Posture Score: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers tell the Board how fast we react when things go wrong. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
France Fines National Employment Agency Euro5m Over 2024 Data Breach
The French data protection regulator said that France Travail’s response to a 2024 data breach violated GDPR First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/france-finesemployment-agency-5m/
-
France fines unemployment agency Euro5 million over data breach
The French data protection authority fined the national employment agency Euro5 million (nearly Euro6 million) for failing to secure job seekers’ data, which allowed hackers to steal the personal information of 43 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/france-fines-unemployment-agency-5-million-over-data-breach/
-
US Data Breaches Hit Record High but Victim Numbers Decline
Non-profit ITRC says the number of data breaches increased 5% annually to reach a record total in 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-data-breaches-record-high/
-
SoundCloud Data Breach: Nearly 30 Million Accounts Confirmed Exposed
SoundCloud has confirmed that a significant data breach first detected in December 2025 affected approximately 29.8 million user accounts. New verification of the leaked data clarifies the scope of the incident and highlights the practical risks for users of the music and audio platform. The breach did not involve a direct break-in to SoundCloud’s main……
-
ShinyHunters Claims 14M Panera Bread Records Exposed in Data Breach
The dataset allegedly includes names, email addresses, postal addresses, phone numbers, and account-related details. The post ShinyHunters Claims 14M Panera Bread Records Exposed in Data Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-panera-bread-data-breach/
-
SolarWinds, again: Critical RCE bugs reopen old wounds for enterprise security teams
Tags: access, attack, authentication, awareness, breach, cisco, control, credentials, cve, cybersecurity, data, exploit, flaw, fortinet, infrastructure, malicious, programming, radius, rce, remote-code-execution, software, threat, update, vulnerabilityRemote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical);Authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high).CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deseralization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication.The other two critical…
-
‘AI-Powered’ Services Firm Says Hack Affects 3.1M
Reported Victim Tally in HCIactive’s Health Data Theft Incident Soars. The victim count in a 2025 hack against a Maryland-based firm that provides AI-powered administrative and technology services to healthcare practices soared to nearly 3.1 million nationwide, according to an updated breach report from Healthcare Interactive. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-powered-services-firm-says-hack-affects-31m-a-30618
-
VaynerX Engages Keeper Security to Standardise Credential Security Globally
Keeper announced VaynerX’s implementation of their Enterprise Password Manage, a part of the KeeperPAM® platform, to strengthen credential security access across its company. The platform mitigates VaynerX’s risk of cybersecurity breaches and strengthens its overall organisational security. VaynerX is known to be a popular modern media and communications company globally, with teams working across multiple…
-
Chinese National Sentenced to 46 Months for Laundering Millions Stolen from U.S. Investors
A Chinese national has been sentenced to nearly four years in U.S. federal prison for laundering tens of millions of dollars stolen from American investors through a large”‘scale digital asset investment scam run from Southeast Asia. On Tuesday, Chinese citizen Jingliang Su received a 46″‘month prison sentence for his role in laundering more than $36.9…
-
Slovakian man pleads guilty to operating darknet marketplace
A Slovakian national admitted on Tuesday to helping operate a darknet marketplace that sold narcotics, cybercrime tools and services, fake government IDs, and stolen personal information for more than two years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/slovakian-man-pleads-guilty-to-operating-kingdown-market-cybercrime-marketplace/
-
Android Phones Get AI-Powered Anti-Theft Features
Enhanced lockouts and stronger remote locking aim to make stolen devices far harder”, and less profitable”, for criminals. The post Android Phones Get AI-Powered Anti-Theft Features appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-anti-theft-features/
-
Delegation is a risk decision every leader makes, not an ops choice
Tags: access, ai, awareness, breach, business, communications, compliance, control, finance, governance, infrastructure, jobs, resilience, risk, risk-assessment, service, toolAirlines and booking platforms, overwhelmed by volume and operational pressure, delegated financial decision-making to automated systems that could issue credits, delay refunds, or apply preset rules at scale.In many cases, those systems operated exactly as configured. They stayed within internal thresholds, followed approved logic, and reduced immediate operational load. The problem surfaced later. Customers challenged outcomes.…
-
Another Credential Leak, Another Dollar
A 149M-credential breach shows why encryption alone isn’t enough. Infostealer malware bypasses cloud security by stealing passwords at the endpoint”, where encryption offers no protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/another-credential-leak-another-dollar/
-
Another Credential Leak, Another Dollar
A 149M-credential breach shows why encryption alone isn’t enough. Infostealer malware bypasses cloud security by stealing passwords at the endpoint”, where encryption offers no protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/another-credential-leak-another-dollar/
-
Another Credential Leak, Another Dollar
A 149M-credential breach shows why encryption alone isn’t enough. Infostealer malware bypasses cloud security by stealing passwords at the endpoint”, where encryption offers no protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/another-credential-leak-another-dollar/
-
Android just got smarter at stopping snatchrun phone thefts
Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/28/google-android-theft-protection-features/
-
Let them eat sourdough: ShinyHunters claims Panera Bread as stolen credentials victim
Plus, the gang says it got in via Microsoft Entra SSO First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/shinyhunters_claim_panera_bread/
-
Nike Investigates Alleged Data Breach Tied to World Leaks
Nike is investigating World Leaks’ claims of a data breach, underscoring growing risks from data-centric extortion attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nike-investigates-alleged-data-breach-tied-to-world-leaks/
-
Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority
A new report from Trellix reviews the biggest breaches, describes the most effective defenses and profiles the most dangerous attackers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/health-care-cybersecurity-threats-report-trellix/810608/
-
Nike investigates data breach after extortion gang leaks files
Nike is investigating what it described as a “potential cyber security incident” after the World Leaks ransomware gang leaked 1.4 TB of files allegedly stolen from the sportswear giant. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nike-investigates-data-breach-after-extortion-gang-leaks-files/
-
WorldLeaks Extortion Group Claims It Stole 1.4TB of Nike Data
The sportswear brand is investigating an alleged breach of its network that exposed some 188,347 files of highly sensitive corporate data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/worldeaks-extortion-group-stole-1.4tb-nike-data
-
Nike probes potential cyber incident after hackers claim data leak
The company said in a brief statement that it takes consumer privacy and data security seriously and is “actively assessing the situation,” but offered few details about the scope of the alleged breach or whether customer information may have been exposed. First seen on therecord.media Jump to article: therecord.media/nike-probes-alleged-cyber-incident
-
From Cipher to Fear: The psychology behind modern ransomware extortion
Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today’s ransomware groups weaponize stolen data and pressure tactics to force payment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/from-cipher-to-fear-the-psychology-behind-modern-ransomware-extortion/
-
Teleport Launches Framework to Secure Identities of AI Agents
Teleport unveils an agentic identity framework that secures AI agents without passwords, replacing static credentials with cryptographic, zero-trust identities to reduce breach risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/teleport-launches-framework-to-secure-identities-of-ai-agents/
-
Microsoft brings AI-powered investigations to security teams
Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/27/microsoft-purview-data-security-investigations/