Latest Data Leak news

INC Ransom threatens to leak 3TB of NHS Scotland stolen data

The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.
- Bill Toulas
- March 27, 2024
- 01:59 PM
- 0
Misconfigured Firebase instances leaked 19 million plaintext passwords

Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.
- Ionut Ilascu
- March 19, 2024
- 07:25 PM
- 2
AT&T says leaked data of 70 million people is not from its systems

AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.
- Lawrence Abrams
- March 17, 2024
- 07:24 PM
- 2
Nissan confirms ransomware attack exposed data of 100,000 people

Nissan Oceania is warning of a data breach impacting 100,000 people after suffering a cyberattack in December 2023 that was claimed by the Akira ransomware operation.
- Bill Toulas
- March 14, 2024
- 09:04 AM
- 0
Acer confirms Philippines employee data leaked on hacking forum

Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company's employee attendance data after a threat actor leaked the data on a hacking forum.
- Bill Toulas
- March 12, 2024
- 03:31 PM
- 0
Over 12 million auth secrets and keys leaked on GitHub in 2023

GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days.
- Bill Toulas
- March 12, 2024
- 11:23 AM
- 4
Ukraine claims it hacked Russian Ministry of Defense servers

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
- Bill Toulas
- March 04, 2024
- 10:41 AM
- 2
GitHub enables push protection by default to stop secrets leak

GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code.
- Sergiu Gatlan
- February 29, 2024
- 01:57 PM
- 0
20 million Cutout.Pro user records leaked on data breach forum

AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names.
- Bill Toulas
- February 29, 2024
- 10:56 AM
- 0
Insomniac Games alerts employees hit by ransomware data breach

Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November.
- Sergiu Gatlan
- February 23, 2024
- 01:56 PM
- 0
Cactus ransomware claim to steal 1.5TB of Schneider Electric data

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month.
- Sergiu Gatlan
- February 19, 2024
- 02:35 PM
- 0
LockBit claims ransomware attack on Fulton County, Georgia

The LockBit ransomware gang claims to be behind the recent cyberattack on Fulton County, Georgia, and is threatening to publish "confidential" documents if a ransom is not paid.
- Ionut Ilascu
- February 14, 2024
- 06:07 PM
- 0
200,000 Facebook Marketplace user records leaked on hacking forum

A threat actor leaked 200,000 records on a hacker forum, claiming they contained the mobile phone numbers, email addresses, and other personal information of Facebook Marketplace users.
- Sergiu Gatlan
- February 13, 2024
- 02:30 PM
- 5
ExpressVPN bug has been leaking some DNS requests for years

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers.
- Bill Toulas
- February 11, 2024
- 10:09 AM
- 0
DHS employees jailed for stealing data of 200K U.S. govt workers

Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.
- Bill Toulas
- January 29, 2024
- 10:31 AM
- 1
23andMe data breach: Hackers stole raw genotype data, health reports

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.
- Sergiu Gatlan
- January 25, 2024
- 05:05 PM
- 0
Trello API abused to link email addresses to 15 million accounts

An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information.
- Lawrence Abrams
- January 23, 2024
- 04:31 PM
- 0
Jason’s Deli says customer data exposed in credential stuffing attack

Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks.
- Bill Toulas
- January 23, 2024
- 11:44 AM
- 1
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
- Bill Toulas
- January 17, 2024
- 10:32 AM
- 1
Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack

A pro-Ukraine hacktivist group named 'Blackjack' has claimed a cyberattack against Russian provider of internet services M9com as a direct response to the attack against Kyivstar mobile operator.
- Bill Toulas
- January 10, 2024
- 02:43 PM
- 0