Data Breaches
Coupang Confirms Stunning, Damaging Leak of 34M Customers
If youve shopped on Coupang, keep an eye on your accounts: the company confirmed a suspected cyber-attack exposed personal data for about 34 million customers, prompting a police probe and warnings about fraud. The breach lays bare how one‑click convenience concentrates risk and is fueling renewed calls for tougher data safeguards.
Royal Borough of Kensington and Chelsea Exclusive: Major Leak
A suspected ransomware attack on the Royal Borough of Kensington and Chelsea is a stark wake-up call about how much of our lives we trust to local councils. Beyond locked systems, exposed personal records and disrupted services can leave residents — especially the vulnerable — at risk of fraud, identity theft and real harm.
French Football Federation Exclusive: Damaging Data Breach
Imagine names, birthdates and contact details for more than two million amateur players suddenly exposed — that’s the frightening possibility tied to a suspected breach at the French Football Federation. Players and parents should be on alert for phishing and scams while the federation works to lock down access and notify those affected.
OpenAI Warns: Exclusive Critical Mixpanel Breach
OpenAI is urging users to rotate keys and audit integrations after a Mixpanel breach that may have exposed leaked API keys and telemetry — a wake‑up call that third‑party analytics can become an attack vector overnight.
OpenAI Exclusive: Critical Mixpanel Breach Hits API Users
A critical Mixpanel breach has put API users data at risk. Read our exclusive breakdown of what happened, whos affected, and simple steps you can take now to protect your apps.
Cyber-Attack Exclusive: Severe OnSolve CodeRED Outage
Imagine the sirens going silent: when INC Ransom hit OnSolve’s CodeRED, communities missed vital alerts and scrambled to improvise slow, unreliable backups. The outage — and exposed user data — lays bare how dangerously dependent public safety has become on just a few commercial providers.
DoorDash Confirms Data Breach: Exclusive Alarming Details
DoorDash data breach confirmed — get our exclusive, alarming details on what was exposed, who’s at risk, and the quick steps you can take right now to protect your information.
Synnovis Issues Exclusive Breach Notice After Damaging Hack
Synnovis breach notice: after a damaging hack the company has issued an exclusive alert — here’s what was exposed, who’s affected, and simple steps you can take now to protect yourself.
AI Companies: Stunning 65% Leak of Dangerous Secrets
A new study finds about 65% of leading AI companies have accidentally exposed sensitive secrets in public Git repositories like GitHub. Researchers warn those leaks — from API keys to model endpoints — could create stealthy “shadow access” and threaten roughly $400 billion in assets.
SonicWall Exclusive: State Crew Tied to Severe Breach
Think spies, not crooks — SonicWall says a state‑backed crew accessed customer firewall configuration backups, exposing blueprints for precise, targeted attacks. If you used their cloud backups, assume compromise: rotate keys and credentials, run a forensic review, and lock down remote access now.
M&S Exclusive: Stunning £136M Cyber Cleanup Fuels Slump
Which is worse — a day of down tills or a quiet drain on cash and trust? For M&S, Aprils cyberattack did both: systems are back, but a £136m cleanup bill now threatens cash, customer confidence and the retailer’s recovery.
Conduent Data Breach: Stunning, Severe Impact on 10.5M
A single contractor’s lapse exposed the financial and personal records of 10.5 million people — the Conduent data breach shows how concentrated services can turn vendors into high-stakes targets. Read on to learn what went wrong, who’s at risk, and what comes next.
Proton Exclusive: Alarming 300M Records Compromised
More than 300 million records have surfaced on the dark web — a startling tally that often mixes new leaks, resurfaced data and partial overlaps. Here’s what that number really means for your emails, passwords and IDs, and the simple steps you can take right now to protect yourself.
Postcode Lottery Exclusive: Damaging Data Slip
People’s Postcode Lottery says a “technical error” briefly exposed some customer data and has since fixed the fault. But with no clear details on what leaked, how many were affected, or what protections are being offered, customers are understandably left wondering who will cover the fallout.
EY Exposes 4TB SQL DB: Exclusive Critical Breach
When the vault is unlocked: a researcher reportedly found a 4TB SQL DB backup tied to EY sitting exposed on the open web, potentially leaking vast amounts of sensitive data. Its a blunt wake‑up call — backups must be encrypted, access‑restricted, and treated as compromised the moment theyre reachable.
Dentsu Exclusive: Critical Staff Warning After Merkle Raid
A terse Dentsu alert revealed payroll and bank details may have been exposed in a cyberattack on Merkle, turning a corporate incident into a personal scramble to protect paychecks, identities and livelihoods.
Google Exclusive: Gmail Breach Claims Overblown
Headlines claiming 183 million Gmail accounts were hacked sparked panic, but Google says the scare is overblown. Security experts say the list is mostly recycled, aggregated credentials from older leaks—still risky for reused passwords, but not proof of a fresh Gmail-wide breach.
Breach: Stunning, Damaging Student Data Leak at Iran Lab
A stunning student data leak at Iran’s Ravin Academy has exposed names and personal details of trainees and affiliates. Beyond putting people at risk, the breach raises troubling questions about the security and credibility of the state-run cyber programs meant to project power online.
MuddyWater Exclusive: Devastating 100+ Government Breach
A single compromised mailbox and an attacker-controlled VPN quietly became the battering ram for a MuddyWater espionage campaign that infiltrated more than 100 government networks across the Middle East and North Africa. Group‑IB’s analysis shows the actors used trusted email, credential harvesting, and stealthy lateral movement to maintain months-long access and siphon sensitive diplomatic and personnel data.
Toys R Us Canada Exclusive: Alarming Data Dump
Toys R Us Canada just warned customers that attackers accessed and posted a database — including names, purchases and possibly payment details — so check your accounts, enable alerts or two‑factor auth, and replace cards if needed. This breach also underscores a familiar, avoidable security problem that keeps putting shoppers at risk.
Toys R Us Canada Exclusive: Customer Data Stolen Online
What happens when a beloved store feels less safe? Toys R Us Canada says attackers accessed a customer database and posted some personal information online—reportedly not payment card numbers or passwords—leaving tens of thousands of Canadians worried as the investigation continues and no credit monitoring has been offered yet.
Iran’s MuddyWater Exclusive: Alarming Breach Hits 100+ Govt
Using one compromised mailbox and a rented VPN, MuddyWater quietly slipped into over 100 government networks across the Middle East and North Africa; its a sobering reminder that cheap, old-school tradecraft—phishing, account takeovers, and credential theft—still outsmarts defenders chasing flashy exploits.
Toys R Us Canada Exclusive: Alarming Customer Data Dump
Toys R Us Canada is at the center of a troubling customer data dump — attackers accessed and posted some customer info online. Shoppers are rightly alarmed and demanding clear answers and real protections after the retailer’s brief notice.
Toys R Us Canada Exclusive: Severe customer data breach
Toys R Us Canada customers woke up to a troubling disclosure: an unauthorized party accessed and published parts of a customer database, exposing names, contact details and some payment-related fields. The company’s response—without offering free credit monitoring—has left shoppers and privacy advocates demanding answers.