Geek-Guy.com

Tag: breach

AI, Data Breaches, Global Security News, Government & Policy, Network Security, privacy, Risk Management

1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever

Today, I loaded the 1,000th data breach into Have I Been Pwned. Reflecting on that milestone number, I pondered how to mark the occasion in writing, and what immediately came to mind was a very simple question: why is it still needed? Especially considering the emergence of privacy regulations such as GDPR and CCPA in…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Carnival Data Breach Impacts Nearly 6 Million Customers

A data breach at Carnival Corporation has exposed the personal information of nearly six million individuals, showing the continued effectiveness of social engineering attacks against large enterprises.  The company confirmed that threat actors gained access to portions of its network in Apr. 2026, resulting in the theft of customer data. “On April 14, 2026, the…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Risk Management

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with the Maine Attorney General’s Office, the total number of persons affected is 5,995,277. The company said…

Read more →

AI, Data Breaches, Global Security News

Cybercriminals sail away with data from 6 million Carnival customers

Carnival Corporation, one of the world’s largest cruise operators, confirmed a data breach weeks after the ShinyHunters hacking group claimed it had stolen millions of customer records. Carnival acknowledged a phishing incident involving a single employee account and stated that it was investigating the scope of the unauthorized activity. “On April 14, 2026, the company’s…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

2026 Verizon DBIR: The New Era of Cyber Threats 

The 2026 Verizon Data Breach Investigations Report (DBIR) paints a clearer picture of today’s cybersecurity landscape: attackers are moving faster, artificial intelligence is accelerating cybercrime, and organizations continue to struggle with foundational security practices.  Key Takeaways from the 2026 Verizon DBIR Report Vulnerability exploitation (31%) overtook credential abuse (13%) as the top initial access vector…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, malware

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of the incident first emerged on May 19, when GitHub said it was investigating “unauthorized access.” Hours later, the company’s X account confirmed the worst: “Yesterday we…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, Risk Management

Grafana confirms GitHub token breach cybercrime group claims the attack

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase Cartel listed it on a leak site and claimed data theft on May 15. The breach was triggered by a compromised token that gave attackers…

Read more →

AI, Apps, Data Breaches, Europe, Global Security News

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. “Over 600k Salesforce records containing PII and other internal corporate data have been compromised.” The…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patches” instead, the hackers were less than impressed. So they came back through the cat flap. Meanwhile, a famous…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

OpenLoop Health confirms January 2026 Data breach affecting 716,000

In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information of 716,000 individuals using its telehealth services. The breach was reported to authorities in March, but the full scope was only recently determined. Threat actors exfiltrated…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News

Identity security firm SailPoint discloses GitHub repository breach

SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Global Security News, Risk Management

Breach Secure Now Helps MSPs Secure SMB AI Use

Breach Secure Now is launching its AI Risk to Adoption Program, a new channel-focused offering designed to help managed service providers guide small and midsize businesses from unmanaged AI use toward secure, structured adoption. Art Gross, founder and CEO of Breach Secure Now (BSN), said MSPs are well-positioned to lead those conversations because AI risk…

Read more →

AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, Risk Management

RansomHouse says it breached Trellix and exposes internal systems

RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and sharing screenshots of internal systems. The RansomHouse ransomware group has claimed responsibility for the recent cyberattack on cybersecurity firm Trellix. To support its claims, the gang published screenshots allegedly showing access to internal Trellix services. In early…

Read more →

AI, Data Breaches, Europe, Exploits, Global Security News, Network Security

Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident

Nearly 200,000 Zara customers were exposed in a third-party breach linked to ShinyHunters, revealing emails, purchase history, and support data. Personal data belonging to nearly 197,000 Zara customers has been compromised following a cyberattack on a former technology provider used by Inditex, the Spanish fashion giant behind some of the world’s most recognized retail brands…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

The hardest part of cybersecurity isn’t the technology, it’s the people. Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection. In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on…

Read more →

AI, Data Breaches, Europe, Exploits, Global Security News, Network Security

Vimeo confirms breach via third-party vendor impacts 119K users

Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third‑party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third‑party…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Network Security

15-year-old detained over massive data breach at French government agency

French authorities have detained a 15-year-old suspected of involvement in a data breach at France Titres, the government agency responsible for issuing official documents. “Between 12 and 18 million data records were reportedly being offered for sale on cybercriminal forums by a hacker known as “breach3d,“ the Paris Prosecutor’s Office said in a press release.…

Read more →

AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security

Salt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defenses

April 2026 breach at Sistemi Informativi (IBM Italy) raises concerns over Chinese-linked cyber ops in Europe, including Salt Typhoon. In late April 2026, the Italian cybersecurity landscape was shaken by a significant breach targeting Sistemi Informativi, a company wholly owned by IBM Italy that provides IT infrastructure management for key public and private institutions. The…

Read more →

AI, Data Breaches, Exploits, Global Security News, Risk Management

Trellix discloses the breach of a code repository

Trellix disclosed a security breach affecting part of its source code repository, however, the company says there’s no sign of code misuse. Trellix revealed a breach that allowed unauthorized access to part of its source code repository. The company said it quickly launched an investigation with forensic experts and notified law enforcement. While the exact…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of its source code repository and that it began working with “leading forensic experts” to resolve the matter immediately. It also said it has notified law enforcement…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security

Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the hacker group ShinyHunters claimed to have stolen over 9 million records. The company did not share details on the security breach. Medtronic is an international medical…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy

The Best VPNs for Small Businesses on a Budget in 2026

One wrong click. One rogue Wi-Fi connection. One stolen credential. That’s all it takes for a cybercriminal to breach your small business. And while you may not have an enterprise-sized budget, you still have plenty to lose: sensitive data, client trust, even your reputation. That’s where a virtual private network (VPN) comes in. A VPN…

Read more →

AI, Data Breaches, Global Security News

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My Rituals members after attackers gained unauthorized access to its systems and downloaded part of the database. The security breach occurred earlier this month, and the company is…

Read more →

AI, Data Breaches, Global Security News, Government & Policy

Cyberattack on French government agency triggers phishing alert for users

France Titres, a French government agency, has disclosed a data breach that may have exposed user data from its online portal. France Titres, also known as the Agence nationale des titres sécurisés (ANTS), operates under the French Ministry of the Interior and manages systems for official identity and registration documents, including driver’s licences, national ID…

Read more →

AI, Data Breaches, Global Security News

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to “certain” internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used by an employee at the company. “The attacker used that access to take over the employee’s…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, privacy, Risk Management

Ghost breaches: How AI-mediated narratives have become a new threat vector

A company wakes up to a news story claiming it has suffered a major data breach. The details are specific, technical and convincing. But the breach didn’t happen. No systems were compromised. No data was taken. A language model generated the entire story, filling in plausible details from scratch. And before the company can figure…

Read more →

AI, Data Breaches, Europe, Global Security News

Personal data of 1 million gym members compromised in Basic-Fit security incident

A breach at Basic-Fit exposed data of 1M members, including names, birth dates and bank details after unauthorized access. Basic-Fit, Europe’s largest gym chain, has disclosed a data breach affecting around 1 million members. Hackers gained unauthorized access to the company systems and stole personal. The gym chain said it recently detected the intrusion and…

Read more →

AI, Data Breaches, Global Security News

113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs

MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) content and engage in real-time conversations with AI-generated companions, often involving highly personal prompts and interactions. According to Have I Been Pwned, the breach exposed email addresses, user-created prompts, links…

Read more →

AI, china, Data Breaches, Exploits, Global Security News, Network Security

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment,…

Read more →

AI, Data Breaches, Europe, Global Security News

Trivy supply chain attack enabled European Commission cloud breach

CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “Analysis of the published dataset has so far confirmed the presence of personal data, including lists of names, last names, usernames, and email addresses,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, privacy

Recent Navia data breach impacts HackerOne employee data

A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that a data breach at Navia Benefit Solutions exposed the personal information of nearly 300 of its employees. The incident stems from an attack on the third-party benefits provider, highlighting how breaches at external partners can…

Read more →

AI, Data Breaches, Global Security News

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

Dutch Ministry of Finance disclosed a data breach affecting some employees following a cyberattack, investigation is ongoing. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after a third-party alert. Attackers breached some internal systems, the incident impacted a “portion of the employees”. Authorities are still investigating the incident and its full…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security

QualDerm Partners December 2025 data breach impacts over 3 Million people

Over 3.1M people affected as QualDerm Partners suffered a December 2025 breach, exposing personal, medical, and health insurance data. Over 3.1 million people are affected by a December 2025 data breach at QualDerm Partners, where hackers stole personal, medical, and health insurance information from the company’s internal systems. QualDerm Partners is a U.S.-based healthcare management…

Read more →

AI, Data Breaches, Global Security News

Navia data breach impacts nearly 2.7 Million people

Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 individuals. The company detected suspicious activity on January 23, 2026 and quickly launched an investigation to assess the incident. Navia Benefit Solutions is a U.S.-based company that provides…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Starbucks HR Portal Breach Exposes Employee Information

Starbucks has disclosed a data breach affecting hundreds of employees after attackers accessed internal HR accounts through phishing websites impersonating the company’s employee portal.  This incident exposed sensitive personal and financial information, raising concerns about potential identity theft and fraud. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts…

Read more →

AI, Data Breaches, Global Security News, Network Security

Bell Ambulance data breach impacted over 238,000 people

Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers,…

Read more →