Latest News: Data Breaches

A serious security vulnerability in Verizon’s Call Filter app allowed users to access the incoming call logs of any other Verizon customer by modifying an API request. The issue, discovered by cybersecurity researcher Evan Connelly, was disclosed to Verizon in February 2025 and patched by

A leak of 9,000 sensitive New South Wales court documents may expose the details of domestic violence incidents, including some affecting children. The New South Wales Attorney-General has warned potential victims to take extra precautions in the aftermath as police and forensic experts continue to

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained just under 100k records belonging to GenNomis by AI-NOMIS — an AI company based in South Korea that provides face swapping and “Nudify” adult content as well as a

SpyX, a consumer-grade spyware app marketed as parental monitoring software, has suffered a major data breach affecting nearly 2 million, including thousands of Apple users. The breach occurred in June 2024 but remained unreported until now, with no notification issued to affected users. The

More than 500,000 individuals are being notified after a cyberattack on the Pennsylvania State Education Association (PSEA) compromised their personal data in July 2024. The union, which represents over 178,000 education professionals across Pennsylvania, said in breach notification letters that

Amazon Web Services (AWS) is under scrutiny for continuing to host stolen data from victims of three stalkerware apps — Cocospy, Spyic, and Spyzie — weeks after being alerted to its presence. These apps, designed for covert surveillance, secretly extract and upload victims' personal data to

PowerSchool, a major provider of education software solutions, was compromised months before its December 2024 data breach, according to a forensic investigation by cybersecurity firm CrowdStrike. The company had initially reported that hackers gained unauthorized access between December 19 and

Australian fertility provider Genea has confirmed it experienced a cyberattack that led to unauthorized access to its data, the disruption of patient services, and delays to critical fertility treatments. The company, which operates 21 clinics across Australia, stated that an “unauthorized third

Federal judge Paul Engelmayer has issued a preliminary injunction to prevent Elon Musk’s Department of Government Efficiency (DOGE) from accessing and using sensitive financial data belonging to millions of Americans. The court order mandated DOGE to destroy any obtained data. A hearing was also

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained nearly 2.7 billion records belonging to Mars Hydro — a China-based company offering IoT grow lights and software applications that allow users worldwide to control