Data Breaches
21 articles RSS
Foxconn Confirms Nitrogen Ransomware Attack on North American Factories with 8 TB Data and 11 Million Documents Stolen
World's largest electronics manufacturer acknowledges cyberattack claimed by Nitrogen ransomware group on North American factories; attackers allege 8 TB data theft including confidential schematics for Apple, Nvidia, Google and others, with production now resuming.
RedAccess Finds More Than 5,000 Vibe-Coded Apps on Lovable, Replit, Base44 and Netlify Running With No Authentication
Israeli security firm RedAccess says vibe-coding platforms ship apps that default to public, exposing medical, financial and corporate data to anyone who can find them.
Instructure Confirms Canvas Data Breach as ShinyHunters Claims 275 Million Records From 9,000 Schools
Instructure says names, email addresses, student IDs and user messages were exposed in a breach disclosed May 1. ShinyHunters then listed the firm on its leak site, claiming 3.65 TB of data tied to 275 million people at close to 9,000 institutions.
ADT Confirms Breach of 5.5 Million Customers After ShinyHunters Vish an Okta SSO Account and Loot Salesforce
Home security giant ADT says attackers detected on April 20 stole names, phone numbers and addresses for 5.5 million customers after voice-phishing an employee's Okta single sign-on. ShinyHunters published an 11GB archive when the company refused to pay.
Vercel Breach Traces Back to a Roblox Cheat: How a Lumma Stealer Infection at Context.ai Became an OAuth Pivot Into a Cloud Provider
A Lumma Stealer infection at AI startup Context.ai escalated into a cross-tenant OAuth attack on Vercel, exposing employee accounts, environment variables, and customer credentials, with attackers reportedly demanding a $2 million ransom in Telegram messages with the company.
France Titres Breach Exposes Up to 12 Million Government ID Records as Hacker Claims 19 Million Stolen
France's national identity document agency confirmed hackers breached its portal and stole data on up to 12 million citizens, while the threat actor claims 19 million records are for sale.
ShinyHunters Breach Rockstar Games via Third-Party Cloud Exploit, Release Financial Data After GTA VI Maker Refuses Ransom
Hackers exploited Anodot's integration with Rockstar's Snowflake cloud to steal nearly 80 million records of financial and analytics data, then published them after the studio refused to pay.
European Commission Confirms Data Breach After ShinyHunters Publish Stolen Europa.eu Records
The European Commission confirms a breach of its AWS-hosted Europa.eu platform after ShinyHunters published over 90 GB of stolen data. CERT-EU traces the intrusion to a supply chain attack on the Trivy security scanner.
Drift Protocol Suffers $285 Million Exploit in Largest DeFi Hack of 2026 as Analysts Point to North Korea
Attackers used Solana's durable nonce feature to hijack Drift's governance and drain $285 million in 12 minutes, with blockchain forensics firms linking the heist to North Korean operatives.
Italy Fines Intesa Sanpaolo Nearly 50 Million Euros in March After Insider Breach Went Undetected for Two Years
Italy's data protection authority hit the country's largest bank with two separate fines totaling nearly 50 million euros for an insider data breach and unlawful customer profiling.
Anthropic Accidentally Exposes Claude Code's Entire Source Code Through npm Packaging Error, Days After Mythos Leak
A misconfigured npm package exposed 512,000 lines of Claude Code's TypeScript source code via a source map file pointing to Anthropic's cloud storage, marking the company's second data exposure in less than a week.
Lloyds Banking Group App Glitch Exposed Transaction Data of Nearly 450,000 Customers, Prompting UK Treasury Committee Investigation
A software defect during an overnight update let Lloyds, Halifax, and Bank of Scotland app users see other customers' transactions, account numbers, and National Insurance numbers for nearly five hours.