Latest News: Data Breaches

An internal memo revealed that the DHS uncovered a misconfiguration in one of its online platforms that left sensitive information exposed to “thousands” of unauthorized users. The platform operated by the DHS’s Office of Intelligence and Analysis (I&A) contained sensitive information shared

Geedge Networks, the organization behind China’s Great Firewall, has fallen victim to a massive data breach. The 500GB leak contained highly sensitive documents divulging technical implementation details of the censorship technology as well as its sale to authoritative countries like Myanmar,

The streaming service Plex disclosed a “security incident” in which unnamed hackers stole potentially sensitive customer account information. Plex made the announcement on Tuesday, urging all customers to log out of all connected devices and reset their passwords as a precaution. In its

A filing with the Oregon Attorney General revealed that a data breach at Absolute Dental claimed over 1.2 million victims. Absolute Dental had previously disclosed the data breach with a placeholder figure of just 501 affected individuals to the HHS’ Office for Civil Rights on May 2,

The ransomware group LunaLock has allegedly hacked the website Artists&Clients, a platform that connects artists with clients, and encrypted all of its data. The hackers have requested a $50,000 ransom and threatened to use the stolen content to train Large Language Models (LLMs) if the

Zscaler, a cybersecurity firm with one of the largest security cloud infrastructures in the world, disclosed a Salesloft Drift supply chain incident impacting many of its Salesforce customers. Hackers reportedly stole Salesloft Drift OAuth and refresh tokens, potentially enabling unauthorized

According to multiple reports, a threat actor is attempting to sell the stolen data of over 21.3 million PrestaShop users on a dark web forum. Potential buyers can already view a subset of the data for free before deciding whether to bid on the entire database. The data obtained in the breach

A group of hackers claims to have breached PayPal and is offering a dataset of 15.8 million credentials on the deep web. The threat actor behind the allegedly stolen data insists it is up to date and describes it as a “goldmine” for cybercriminals. PayPal denies the breach. According to

K7 Security Labs researchers have raised the alarm after discovering an infostealer malware affecting Windows devices, dubbed “Silent Watcher.” Part of the Cmimai malware family, Silent Watcher demonstrates sophisticated mechanisms to achieve long-term persistence and redundant data

Google revealed that it’s the latest major company victim in a series of data breaches involving the exploitation of Salesforce CRM users. ShinyHunter, the threat actor, used social engineering tactics to impersonate IT support staff in phone calls to employees of target businesses. As of now,