Tag: data-breach
-
PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months
PayPal disclosed a software error in its Working Capital platform that exposed sensitive customer data, including Social Security numbers, for months in 2025. The post PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-paypal-working-capital-data-exposure-2025/
-
PayPal discloses extended data leak linked to Loan App glitch
PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug in its PayPal Working Capital loan app. The flaw exposed sensitive customer information, including customers’ business contact details (name, email, phone number, address), along…
-
PayPal Flaw Exposed Sensitive Data in Lending App for Six Months
A PayPal loan app error exposed sensitive customer data, including SSNs, for nearly six months in 2025. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/paypal-flaw-exposed-sensitive-data-in-lending-app-for-six-months/
-
QA: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong
Cybersecurity threats continue to escalate in scale, speed and sophistication, placing growing pressure on organisations to move beyond reactive defences and rethink how risk is governed at leadership level. As digital systems underpin everything from national infrastructure to day-to-day business operations, failures in governance, communication and accountability are increasingly being exposed as critical vulnerabilities. At…
-
‘God-Like’ Attack Machines: AI Agents Ignore Security Policies
Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned tasks, even breaking through their carefully designed guardrails. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-agents-ignore-security-policies
-
Data breach at French bank registry impacts 1.2 million accounts
The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-french-bank-registry-impacts-12-million-accounts/
-
PayPal Data Breach 6 Months of Users’ Data Leaked Online
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly six months due to a software error in its PayPal Working Capital (PPWC) loan application. The exposure, which affected business contact details combined with highly sensitive personal data, lasted from…
-
Age verification vendor Persona left frontend exposed
Behind a basic age check, researchers say Persona’s system runs extensive identity, watchlist, and adverse-media screening. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/age-verification-vendor-persona-left-frontend-exposed/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Two petabytes, or two quadrillion bytes of information, has been stolen from Israelis in recent years, according to Yossi Karadi, head of the Israel National Cyber Directorate (INCD). Speaking to The Jerusalem Post, Karadi described the scope of the Israel data breach incidents as unprecedented. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/israel-data-breach-incd-head/
-
Datenleck-Websites: Das Druckmittel der Ransomware-Bande von heute
Wenn Unternehmensdaten auf einer Leak-Site offengelegt werden, kann dies langfristige Folgen haben First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/ransomware/datenleck-websites-das-druckmittel-der-ransomware-bande-von-heute/
-
Hackers Exploit Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
Hackers are actively exploiting a critical vulnerability in BeyondTrust’s remote support software to deploy the VShell backdoor and SparkRAT remote access trojan, enabling full compromise of exposed systems. The vulnerability, tracked as CVE-2026-1731, is being used in real-world attacks against multiple industries across the U.S., Europe, and Asia-Pacific. BeyondTrust is an identity and access management…
-
Abu Dhabi Finance Week Exposed VIP Passport Details
Unprotected cloud data sends the wrong signal at a time when the emirate’s trying to attract investors and establish itself as a global financial center. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/abu-dhabi-finance-week-leaked-vip-passport-details
-
Bug in student admissions website exposed children’s personal information
Ravenna Hub, which lets parents apply and track the status of their kids’ applications across thousands of schools, allowed any logged-in user to access the personally identifiable data associated with any other user, including their children. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/bug-in-student-admissions-website-exposed-childrens-personal-information/
-
Ivanti EPMM Vulnerabilities Actively Exploited in the Wild
Ivanti EPMM flaws are being exploited to enable unauthenticated remote code execution on exposed MDM systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ivanti-epmm-vulnerabilities-actively-exploited-in-the-wild/
-
Adidas investigates alleged data breach affecting 815,000 records
Adidas confirmed it is investigating a possible data breach involving one of its third-party customer service providers. The company stated that there is no indication its IT … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/adidas-third-party-data-breach-investigation/
-
Researchers Uncover DoS Vulnerabilities in Socomec DIRIS M-70 IIoT Power Meter via Thread Emulation Fuzzing
Selective thread emulation and coverage-guided fuzzing have exposed six denial-of-service (DoS) vulnerabilities in the Socomec DIRIS M-70 IIoT power-monitoring gateway, all of which are now patched under Cisco’s Coordinated Disclosure Policy. The Socomec DIRIS M-70 gateway is a central communications node for energy monitoring, supporting RS485 and Ethernet plus protocols such as Modbus RTU, Modbus…
-
Adidas investigates third-party data breach after criminals claim they pwned the sportswear giant
‘Potential data protection incident’ at an ‘independent licensing partner,’ we’re told First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/adidas_investigates_thirdparty_data_breach/
-
Figure Breach Enters New Phase After Data Leak Claims
The data breach disclosed by fintech lender Figure Technology Solutions is moving beyond a contained security incident, as reports that stolen customer information is circulating online coincide with early legal investigations. The developments mark the point where an internal breach begins to create broader consumer risk and potential liability. Latest Developments Data associated with the……
-
Microsoft Patches Security Flaw That Exposed Confidential Emails to AI
Microsoft Corp. confirmed it is addressing a significant security lapse that allowed its Copilot AI to bypass privacy protections and summarize users’ confidential emails without authorization. The bug, which has persisted since late January, effectively ignored data loss prevention (DLP) protocols designed to keep sensitive corporate information out of the reach of large language models..…
-
Microsoft Patches Security Flaw That Exposed Confidential Emails to AI
Microsoft Corp. confirmed it is addressing a significant security lapse that allowed its Copilot AI to bypass privacy protections and summarize users’ confidential emails without authorization. The bug, which has persisted since late January, effectively ignored data loss prevention (DLP) protocols designed to keep sensitive corporate information out of the reach of large language models..…
-
Betterment data breach might be worse than we thought
This breach now appears far more serious. The leaked data includes rich personal and financial details that phishers could use. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/betterment-data-breach-might-be-worse-than-we-thought/
-
XSS Bug in VS Code Extension Exposed Local Files
An XSS flaw in the VS Code Live Preview extension exposed developers’ local files and credentials through the localhost server. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/xss-bug-in-vs-code-extension-exposed-local-files/
-
Data breach at fintech giant Figure affects close to a million customers
The Figure data breach allowed hackers to steal customer names, dates of birth, physical addresses, phone numbers, and email addresses. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/18/data-breach-at-fintech-giant-figure-affects-close-to-a-million-customers/
-
Firebase Misconfiguration Exposes 300M Messages From Chat Ask AI Users
A technical mistake in the popular Chat Ask AI app has left 300 million private messages from 25 million users exposed online. Discover what happened and how you can protect your personal data when using AI chatbots. First seen on hackread.com Jump to article: hackread.com/firebase-misconfiguration-chat-ask-ai-users-expose/
-
Substack Breach May Have Leaked Nearly 700,000 User Details Online
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online. The post Substack Breach May Have Leaked Nearly 700,000 User Details Online appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-substack-data-breach-user-accounts-leaked/