Data Breaches & Leaks
Latest data breaches, leaks, and exposures
71 articles
Google security engineer accused of turning confidential search trends into a $1.2M win on Polymarket
A Google security engineer is accused of misusing internal access to confidential search trend data to make an alleged $1.2M on a prediction market.
Lawmakers demand answers as CISA tries to contain data leak
CISA faces congressional inquiry after a contractor intentionally leaked AWS GovCloud keys and other secrets, highlighting severe insider threat vulne
CISA contractor exposed sensitive AWS GovCloud keys on public GitHub
A CISA contractor exposed highly privileged AWS GovCloud keys and internal system data on a public GitHub repo, a major security lapse for the US cybe
Instructure reaches ransom agreement with ShinyHunters to stop 3.65TB Canvas leak
Instructure, the parent company of Canvas, has paid a ransom to the ShinyHunters cybercrime group to prevent a massive 3.65TB data leak affecting mill
Colorado governor's commutation of Tina Peters' sentence reignites election security debate
Gov. Polis commuted the sentence of an official convicted of stealing voting data, a move critics say weakens deterrence for insider threats to electi
A dangerous deal: The anatomy of the Pearson data breach and the ransom paid for deletion
A deep dive into the Pearson data breach, where a deal with Medusa ransomware hackers was struck to delete student data stolen via a third-party vendo
Instructure's 'agreement' with ShinyHunters highlights the perilous reality of data extortion
Instructure, maker of the Canvas LMS, reached an "agreement" with ShinyHunters to stop a data leak, highlighting the grim reality of cyber extortion.
A hypothetical Canvas breach would be a cataclysm for U.S. education
A hypothetical data extortion attack on the education platform Canvas highlights the systemic risk posed to millions of students and thousands of scho
Medical data of 500,000 Britons allegedly for sale on Chinese marketplace
An in-depth analysis of the alleged sale of UK Biobank data for 500,000 Britons, exploring the technical vector, impact, and how to stay safe.
A 2013 hack revealed Russia's drone program relied 90% on Chinese parts
A 2013 hack by Shaltai Boltai revealed Russia's MVD drone project was 90% reliant on Chinese electronics, exposing a critical supply chain vulnerabili
Anatomy of a heist: How North Korean hackers allegedly stole $290 million in crypto this year
A series of 2023 crypto heists totaling $290M has been linked to North Korea's Lazarus Group, exposing critical vulnerabilities in the DeFi space.
Grinex exchange blames 'Western intelligence' for $13.7M crypto hack, but evidence suggests an exit scam
A Kyrgyzstan-based crypto exchange claims a $13.7M hack by Western spies, but the lack of evidence and classic warning signs point to a probable exit
Over 100 malicious Chrome extensions found stealing data and creating backdoors
A detailed analysis of a coordinated campaign where over 100 malicious Chrome extensions compromised 4 million users, stealing data and creating backd
Kraken extortion attempt highlights the fine line between security research and crime
Cryptocurrency exchange Kraken revealed an extortion attempt after a “researcher” exploited a bug to steal $3M, blurring the line between hacking and
Over 100 Chrome extensions caught stealing user accounts and data
Over 100 malicious Chrome extensions with 1.6M+ downloads were found stealing Google OAuth tokens, enabling full account takeover and ad fraud.
Rockstar Games data leaked online following breach at analytics partner
Data allegedly belonging to Rockstar Games has been leaked by the ShinyHunters gang after a breach at third-party analytics vendor Anodot.
Passport numbers for more than 300,000 leaked during December Eurail data breach
Eurail.com suffered a major data breach, exposing passport numbers and other PII for over 300,000 customers after a hacker exploited an exposed API to
Hims breach exposes the most sensitive kinds of PHI
Telehealth giant Hims & Hers exposed sensitive health data of nearly 400,000 users, creating a severe risk of targeted blackmail, fraud, and extortion
The anatomy of a non-leak: How a public Orbán quote became a cybersecurity myth
A viral story claimed a 'leaked call' exposed a Hungarian leader's comments. The truth? It was a public interview. A case study in misinformation.
Breach exposes sensitive LAPD files stored in city attorney system
A deep dive into the LockBit ransomware attack on the LA City Attorney's office, which exposed 7.7 TB of sensitive LAPD files and personal data.
Massachusetts hospital diverts ambulances as cyberattack causes major disruption
A cyberattack on Signature Healthcare forced a Massachusetts hospital to divert ambulances and cancel services, highlighting the severe consequences o
The $280 million Drift Protocol hack that never happened: A case study in crypto misinformation
A fabricated $280M hack of Drift Protocol highlights the growing threat of misinformation in crypto, proving that a convincing lie can be as damaging
A Massachusetts hospital is diverting ambulances, revealing a healthcare system under digital siege
Signature Healthcare's ongoing cyberattack forces ambulance diversions and a return to paper records, highlighting the grave patient safety risks of c
Infinite Campus warns of breach after ShinyHunters claims data theft
Infinite Campus, a major K-12 student information system, confirms a data breach after the notorious ShinyHunters group attempted extortion.