Data Breaches
13 articles RSS
Drift Protocol Suffers $285 Million Exploit in Largest DeFi Hack of 2026 as Analysts Point to North Korea
Attackers used Solana's durable nonce feature to hijack Drift's governance and drain $285 million in 12 minutes, with blockchain forensics firms linking the heist to North Korean operatives.
Italy Fines Intesa Sanpaolo Nearly 50 Million Euros in March After Insider Breach Went Undetected for Two Years
Italy's data protection authority hit the country's largest bank with two separate fines totaling nearly 50 million euros for an insider data breach and unlawful customer profiling.
Anthropic Accidentally Exposes Claude Code's Entire Source Code Through npm Packaging Error, Days After Mythos Leak
A misconfigured npm package exposed 512,000 lines of Claude Code's TypeScript source code via a source map file pointing to Anthropic's cloud storage, marking the company's second data exposure in less than a week.
Lloyds Banking Group App Glitch Exposed Transaction Data of Nearly 450,000 Customers, Prompting UK Treasury Committee Investigation
A software defect during an overnight update let Lloyds, Halifax, and Bank of Scotland app users see other customers' transactions, account numbers, and National Insurance numbers for nearly five hours.
European Commission Confirms Cyberattack on AWS Cloud Account as Hacker Claims 350 GB of Stolen Data
The EU's executive arm is investigating a breach of its Amazon Web Services account that exposed Europa.eu infrastructure, the second cloud incident to hit the institution in 2026.
Crunchyroll Confirms Data Breach Exposing 6.8 Million Users After Hacker Compromises Telus Outsourcing Partner
Sony's anime streaming service confirmed a breach of customer service ticket data after a threat actor compromised a Telus International support agent's credentials, claiming to have stolen 100 GB of user data.
Cegedim Sante Breach Exposes 15.8 Million French Medical Records, 16 Months After CNIL Fined the Company for Data Violations
Attackers stole 15.8 million patient files, including doctors' notes with HIV status and sexual orientation, from a French health-tech vendor already fined for mishandling medical data.
HackerOne Discloses Employee Data Breach After Third-Party Benefits Provider Navia Exposes 2.7 Million Records
Bug bounty platform HackerOne confirms 287 employees had Social Security numbers and personal data exposed through a BOLA vulnerability at benefits administrator Navia, part of a broader breach affecting 2.7 million people.
ShinyHunters Claims Near-Petabyte Data Theft from Telus Digital After Breaching BPO Giant Through Stolen Cloud Credentials
Telus Digital confirmed a breach after ShinyHunters claimed to have stolen up to one petabyte of data using cloud credentials obtained in a prior third-party compromise.
ShinyHunters Claims Mass Data Theft From Hundreds of Salesforce Customers Using Weaponized Open-Source Tool
The ShinyHunters cybercrime group says it exploited misconfigured Salesforce Experience Cloud guest accounts to steal data from nearly 400 organizations using a modified version of Mandiant's AuraInspector tool.
LexisNexis Confirms AWS Cloud Breach After Hackers Exploit Unpatched React Vulnerability and Leak 2 GB of Data Including Federal Judge Records
Threat actor FulcrumSec exploited the React2Shell vulnerability in LexisNexis AWS infrastructure, exfiltrating 3.9 million records and claiming access to 400,000 user profiles including U.S. government personnel.
Conduent Breach Reaches 25 Million Americans, Making It the Largest in U.S. History
A ransomware attack on government services giant Conduent exposed SSNs, medical records, and health insurance data for at least 25 million Americans across multiple states.