On 23 November 2025, Iberia disclosed a security incident stemming from an unauthorized access to the systems of a third-party supplier / vendor.The airline communicated to impacted customers that certain personal data may have been exposed. According to the notification, exposed information may include first and last name, email address, and loyalty-card identification numbers (Iberia…
Category: data breach
Breaking News, cyber crime, data breach, Global Security News, hacking, malware
Emergency alerts go dark after cyberattack on OnSolve CodeRED
Cyberattack on OnSolve CodeRED disrupted emergency alert services for U.S. state, local, police, and fire agencies. A cyberattack on the OnSolve CodeRED alert platform disrupted emergency notification services used by U.S. state and local governments, police, and fire agencies. OnSolve CodeRED is a cloud-based emergency alert system used by U.S. state and local governments to…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
SitusAMC confirms data breach affecting customer information
SitusAMC says a recent breach exposed customer data; the real-estate financing firm provides back-office services for banks and lenders. SitusAMC, a leading real-estate financing services provider for banks and lenders, disclosed a data breach discovered earlier this month that exposed customer information. The firm manages back-office functions such as mortgage origination, servicing, and compliance for…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Harvard reports vishing breach exposing alumni and donor contact data
Harvard revealed its Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info. Harvard revealed that threat actors breached its Alumni Affairs and Development systems through a vishing attack, exposing contact, donation, and biographical data of students, staff, alumni. Harvard says the breached systems held no Social Security…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Delta Dental of Virginia data breach impacts 145,918 customers
Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider Delta Dental of Virginia (DDVA) exposed data of about 146,000 people, including names, Social Security numbers, ID numbers, and health information, after…
Asia Pacific, Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Iberia discloses security incident tied to supplier breach
Iberia warns customers of a supplier-related data breach as a threat actor claims to hold 77GB of stolen airline data. Iberia is warning customers about a data breach after a third-party supplier was hacked by a threat actor who claims to have stolen 77 GB of airline data. Iberia is the flag carrier airline of…
Breaking News, Cybercrime, data breach, Emerging Tech, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery RONINGLOADER: DragonBreath’s New Path to PPL Abuse npm Malware Campaign Uses Adspect Cloaking to Deliver Malicious Redirects GPT Trade: Fake Google Play Store…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks U.S. CISA adds an Oracle…
cyber attack, Cybersecurity, data breach, Global Security News, hacking news, Security
ShinyHunters Breach Gainsight Apps on Salesforce, Claim Data from 1000 Firms
ShinyHunters breached Gainsight apps integrated with Salesforce, claiming access to data from 1000 firms using stolen credentials and compromised tokens.
Breaking News, cyber crime, data breach, Exploits, Global Security News, hacking
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data breach at IT provider Almaviva. FS Italiane Group is Italy’s state-owned railway company, managing passenger…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Eurofiber confirms November 13 hack, data theft, and extortion attempt
Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach its ticketing system and ATE customer portal of the European fiber operator Eurofiber. Attackers stole data and attempted extortion. Eurofiber focuses on B2B digital infrastructure,…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack
The Pennsylvania Office of the Attorney General (“OAG”) confirms a data breach following a ransomware attack by Inc Ransom group. The Pennsylvania Office of the Attorney General (“OAG”) confirmed a data breach following a ransomware attack attributed to Inc Ransom group. However, the organization did not share details about the security breach, either the number…
Breaking News, cyber crime, data breach, Global Security News, hacking, Security
DoorDash data breach exposes personal info after social engineering attack
DoorDash says a social engineering attack led to a data breach exposing names, addresses, emails, and phone numbers of users, Dashers, and merchants. U.S.-based food delivery and logistics company DoorDash announced that a social engineering attack led to a data breach. “Our team recently identified and shut down a cybersecurity incident that involved an unauthorized…
data breach, Data loss, extortion, Global Security News, Guest blog, Ransom
A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research
One of the sad truths about this world of seemingly endless hacks and data breaches is that companies just won’t apologise. Even when customers, partners, and employees are left wondering when their data will be published by malicious hackers on the dark web, breached organisations will seemingly do everything they can to avoid saying what…
Breaking News, data breach, Global Security News, hacking, hacking news, Security
Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack
Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack, claimed by Scattered Lapsus$ Hunters, cost the company £196 million in the quarter. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure Gootloader Returns: What Goodies Did They Bring? Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution U.S. CISA adds Fortinet FortiWeb flaw to…
cyber attack, Cybersecurity, data breach, Global Security News, Security
DoorDash hit by data breach after an employee falls for social engineering scam
Food delivery giant DoorDash confirms a data breach on Oct 25, 2025, where an employee fell for a social engineering scam. User names, emails, and home addresses were stolen.
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat…
cyber attacks, cyber crime, data breach, Global Security News, Security
Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach
Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882.
Cybersecurity, data breach, Global Security News, Have I Been Pwned, HIBP, Security
Have I Been Pwned Adds 1.96B Accounts From Synthient Credential Data
Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…
cyber attack, Cybersecurity, data breach, Global Security News, malware, Security
Fake NPM Package With 206K Downloads Targeted GitHub for Credentials
Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation’s code.
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Assistants API for command and control Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector Gootloader Returns: What Goodies Did They Bring? Ransomvibing appears in VS Code extensions …
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. China-linked hackers target U.S. non-profit in long-term espionage campaign A new Italian citizen was targeted with…
cyber attack, Cybersecurity, data breach, Global Security News, hacking news, Security
Hackers Steal Personal Data and 17K Slack Messages in Nikkei Data Breach
Nikkei confirms breach after a virus infected an employee PC, exposing 17,368 names and Slack chat histories. The media giant reported the incident voluntarily.
Breaking News, cyber crime, data breach, Global Security News, Security
Conduent January 2025 breach impacts 10M+ people
Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of over 10M people, including names, addresses, DOBs, SSNs, and health and insurance info. In April 2025, the business services provider Conduent revealed that personal information, including…
Breaking News, Cybercrime, data breach, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases Mem3nt0 mori – The Hacking Team is back! Insider Threats Loom…
Breaking News, data breach, Ernst & Young, Exploits, EY, Global Security News
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure
A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. Cybersecurity firm Neo Security discovered a 4TB SQL Server backup belonging to accounting giant Ernst & Young (EY) publicly accessible on Microsoft Azure during a routine scan. Neo Security’s lead researcher identified a…
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Year-Long Nation-State Hack Hits US Telecom Ribbon Communications
Ribbon Communications discloses a year-long breach by nation-state actors. The attack highlights critical supply chain risk, reflecting the Salt Typhoon and F5 espionage trends.
data breach, Data loss, Global Security News, Law & order
The human cost of the UK Government’s Afghan data leak
Can data leaks do real harm? Yes, they can. And so can a failure to respond appropriately.
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and public relations company Dentsu, one of the largest marketing agencies in the world, announced that its U.S.-based subsidiary Merkle suffered from a cyber attack that exposed…
Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security
Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät
Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator Svenska kraftnät, stealing data from an isolated file transfer system. The power grid operations were not impacted by the cyber incident. The Swedish company on Monday disclosed…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, malware
Safepay ransomware group claims the hack of professional video surveillance provider Xortec
Safepay group claims the hack of professional video surveillance provider Xortec and added the company to its data leak site. The Safepay group claimed responsibility for hacking German video surveillance provider Xortec and listed the company on its data leak site. The ransomware payment deadline is October 27, 2025. Xortec GmbH, based in Frankfurt with…
data breach, Data loss, Global Security News, Guest blog, Law & order
John Bolton charged over classified emails after Iranian hack of his AOL account
Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. Bolton, who left the White Hose in 2021 and wrote a tell-all memoir describing Trump as unfit for office and “stunningly uninformed,” has…
Breaking News, data breach, Global Security News, hacking, intelligence
Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing and leaking hundreds of sensitive files on eight RAF and Royal Navy bases. The incident…
data breach, Data loss, Global Security News, Guest blog, Law & order
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram
Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. Read more in my article on the Hot for Security blog.
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub for Resilience North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads New Rust Malware “ChaosBot” Uses Discord for Command and Control Weaponizing Discord for Command and…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Winos 4.0 hackers expand to Japan and Malaysia with new malware From Airport chaos to cyber…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Prosper disclosed a data breach impacting 17.6 million accounts
Threat actors stole personal data, including names, IDs, and financial details from Prosper, affecting over 17M users. Prosper is a U.S.-based peer-to-peer lending platform that connects individual borrowers with investors. Founded in 2005 and headquartered in San Francisco, Prosper allows people to apply for personal loans online, while investors can fund portions of those loans…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Auction house Sotheby’s disclosed a July data breach
Sotheby’s reported a July 24 breach exposing customer and financial data; it took two months to assess the stolen information and affected individuals. Sotheby’s reported a data breach that exposed customer information, including financial details. The company discovered the security breach on July 24, and investigators spent two months determining what data was stolen and…
AI, Apps, Compliance, Cybersecurity, data breach, Data Breaches, Exploits, F5, forensics, Global Security News, Government & Policy, Information Security, Network Security, Risk Management
Think Your Firewall Is Safe? The F5 Hack Proves It’s the Perfect Trojan Horse
In what is being described as one of the most consequential cyber-espionage operations of the year, US technology vendor F5 Networks has confirmed that nation-state threat actors successfully infiltrated its internal environment, stealing source code and vulnerability intelligence related to its flagship BIG-IP product line — a core networking and application delivery system used by…
Cloud, Cybersecurity, data breach, Global Security News, hacking news, Security
Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data
A misconfigured server belonging to Indian company NetcoreCloud exposed 40 billion records and 13.4TB of data, revealing sensitive…
Breaking News, cyber crime, data breach, Global Security News, hacking
Spanish fashion retailer MANGO disclosed a data breach
Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984, it has over 2,850 stores in 120 countries and 16,400 employees. In 2024, it reported €3.3 billion in revenue and €219 million in profit. Online sales account…
Breaking News, data breach, F5, Global Security News, Security
A sophisticated nation-state actor breached F5 systems, stealing BIG-IP source code and data on undisclosed flaw
F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highly sophisticated nation-state actor in August 2025 threat actors breached its systems and stole BIG-IP’s source code and information related to undisclosed vulnerabilities. The attackers accessed the company’s BIG-IP…
china, cyber attack, Cybersecurity, data breach, Global Security News, Security
F5 Confirms Nation-State Breach, Source Code and Vulnerability Data Stolen
F5 has confirmed it was the victim of a state-sponsored cyberattack that allowed hackers to access its internal…
Cybersecurity, data breach, Global Security News, leaks, Security
Elasticsearch Leak Exposes 6 Billion Records from Scraping, Old and New Breaches
An Elasticsearch leak exposed 6 billion records from global data breaches and scraping sources, including banking and personal details tied to multiple regions.
Breaking News, Cybercrime, data breach, Global Security News, Security
Customer payment data stolen in Unity Technologies’s SpeedTree website compromise
Malicious code on Unity Technologies’s SpeedTree site skimmed sensitive data from hundreds of customers, the company confirmed. Video game software development firm Unity Technologies revealed that malicious code on its SpeedTree website skimmed sensitive information from hundreds of customers, impacting users who accessed the compromised site. The company discovered on August 26, 2025, the presence…
cyber attacks, Cybersecurity, data breach, Fujifilm, Global Security News, Security
ShinyHunters Leak Alleged Data from Qantas, Vietnam Airlines and Other Major Firms
ShinyHunters and its affiliate hackers have leaked data from 6 firms, including Qantas and Vietnam Airlines, after claiming to breach 39 companies via a Salesforce vulnerability.
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…
data breach, Exploits, Global Security News
SonicWall data breach affects all cloud backup customers
On Sept. 17, security vendor SonicWall announced that cybercriminals had stolen backup files configured for cloud backup. At the time, the company claimed the incident was limited to “less than five percent” of its customers. Now, the firewall provider has admitted that “all customers” using the MySonicWall cloud backup feature were affected. Consequences of the attack…
BreachForums, data breach, Data loss, Global Security News, Guest blog, Law & order
BreachForums seized, but hackers say they will still leak Salesforce data
Read more in my article on the Hot for Security blog.
data breach, Global Security News
Datenleck bei SonicWall betrifft alle Cloud-Backup-Kunden
Der Sicherheitsvorfall bei SonicWall ist umfangreicher als bisher angenommen. Tada Images – shutterstock.com Am 17. September gab der Security-Anbieter SonicWall bekannt, dass Cyberkriminelle Backup-Dateien entwendet hätten, die für die Cloud-Sicherung konfiguriert waren. Damals behauptete das Unternehmen, der Vorfall sei auf “weniger als fünf Prozent” der Kunden beschränkt. Nun muss der Firewall-Anbieter einräumen, dass “alle Kunden”,…
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims
70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord’s full response and critical security steps to protect your identity.
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, data breach, Global Security News, hacking, Security
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a…
Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a…
Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a…
Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a…
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
children, cyber attack, cyber crime, Cybersecurity, data breach, Global Security News
UK Police Arrest Two Teens Over Kido Nursery Ransomware Attack
Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.
data breach, Data loss, Global Security News, Guest blog, Salesforce, vishing
Salesforce data breach: what you need to know
The Scattered LAPSUS$ Hunters hacking group claims to have accessed data from around 40 customers of Salesforce, the cloud-based customer relationship management service, stealing almost one billion records. Read more in my article on the Fortra blog.
data breach, Data loss, discord, Global Security News, Guest blog
Discord users’ data stolen by hackers in third-party data breach
Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company. Read more in my article on the Hot for Security blog.
AI, data breach, Data loss, Global Security News, Podcast, vulnerability
Smashing Security podcast #437: Salesforce’s trusted domain of doom
Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them smuggle AI-read instructions in via humble Web-to-Lead form… and ended up spilling data for the low, low price of five dollars. And we discuss why data breach communicationss still default to “we take security seriously” while quietly implying “assume…
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
INC ransomware: what you need to know
INC is the name of a ransomware-as-a-service (RaaS) operation that first appeared in late summer 2023. Learn more about what it has been up to, and how to protect against its attacks, in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, privacy
Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach
28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Gucci, Guest blog, Ransomware
Luxury fashion brands Gucci, Balenciaga and Alexander McQueen hacked – customer data stolen
Luxury fashion group Kering – owner of the prestigious Gucci, Balenciaga, and Alexander McQueen brands, amongst others – has confirmed that hackers stole customer data from its systems in June 2025. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, rail
British rail passengers urged to stay on guard after hack signals failure
Passengers of the UK’s state-owned London North Eastern Railway (LNER) have been warned to be vigilant after cybercriminals accessed traveller’s contact details and some information about past journeys. Read more in my article on the Hot for Security blog.
Breaking News, cyber crime, data breach, Global Security News, hacking
UK train operator LNER (London North Eastern Railway) discloses a data breach
LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data breach through a third-party supplier, compromising customer contact details and other personal information. LNER (London North Eastern Railway) is a British train operator running passenger services…
cyber attack, cyber attacks, Cybersecurity, data breach, Global Security News, Security
UK Rail Operator LNER Confirms Cyber Attack Exposing Passenger Data
LNER cyber attack exposes passenger contact details and journey data. No financial information or passwords were taken, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Jaguar Land Rover discloses a data breach after recent cyberattack
Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack also impacted systems at the Solihull production plant. UK dealers reported JLR disruptions blocking car registrations…
cyber attack, data breach, Global Security News, leaks, privacy, Security
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members
An unsecured database managed by Hello Gym has exposed over 1.6 million audio recordings of gym members. Learn…
cyber attack, data breach, Global Security News, leaks, privacy, Security
Hello Gym Data Leak Exposes 1.6 Million Audio Files of Gym Members
An unsecured database managed by Hello Gym has exposed over 1.6 million audio recordings of gym members. Learn…
data breach, Data loss, Global Security News, Guest blog, RansomHub, Ransomware
Lovesac warns customers their data was breached after suspected RansomHub attack six months ago
American furniture maker Lovesac, known for its modular couches and comfy beanbags, has warned customers that their data was breached by hackers earlier this year, and that they should remain vigilant to the threat of identity theft. Read more in my article on the Hot for Security blog.
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack
Hackers breached Salesloft’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers. Salesloft revealed that the threat actor UNC6395 breached its GitHub account in March, stealing authentication tokens that were later used in a large-scale attack against several major tech customers. Salesforce data theft attacks impacted major…
Breaking News, Cybercrime, data breach, Global Security News, hacking
Canadian investment platform Wealthsimple disclosed a data breach
Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. Canadian investment platform Wealthsimple disclosed a data breach that impacted some customers. The company discovered the security breach on August 30, which stemmed from a supply chain attack via a trusted third-party software package. “On August 30th,…
data breach, Exploits, Global Security News
GhostAction campaign steals 3325 secrets in GitHub supply chain attack
GitGuardian has disclosed a new software supply chain attack campaign, dubbed GhostAction, that exfiltrated thousands of sensitive credentials before being detected and contained on September 5. The attackers manipulated GitHub Actions workflows, the automated processes defined in a GitHub repository in response to specific events, to steal 3325 secrets from 327 users across 817 repositories.…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qantas cuts executive bonuses by 15% after a July data breach MeetC2 – A serverless C2…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Qantas cuts executive bonuses by 15% after a July data breach
Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cyberattack that exposed data of 5.7M people, despite posting $1.5B profit in the last fiscal year. This case study demonstrates that a security breach…
data breach, Global Security News, Jeremiah Fowler, leaks, Security
Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files
Cybersecurity researcher Jeremiah Fowler discovered an unsecured and misconfigured server exposing 378 GB of internal Navy Federal Credit…
CloudFlare, cyber attacks, Cybersecurity, data breach, Global Security News, Security
Cloudflare Confirms Data Breach Linked to Salesforce and Salesloft Drift
Cloudflare confirms a Salesforce-linked data breach via Salesloft Drift, exposing customer support case data but leaving core systems…