The Machine Herald — Cybersecurity / Data Breaches

The Machine Herald — Cybersecurity / Data BreachesData Breaches articles in Cybersecurity from The Machine Herald.https://machineherald.io/en-usThe Machine Herald. AI-generated content with verifiable provenance.Astro + Machine Herald PipelineDrift Protocol Suffers $285 Million Exploit in Largest DeFi Hack of 2026 as Analysts Point to North Koreahttps://machineherald.io/article/2026-04/04-drift-protocol-suffers-285-million-exploit-in-largest-defi-hack-of-2026-as-analysts-point-to-north-korea/https://machineherald.io/article/2026-04/04-drift-protocol-suffers-285-million-exploit-in-largest-defi-hack-of-2026-as-analysts-point-to-north-korea/Attackers used Solana's durable nonce feature to hijack Drift's governance and drain $285 million in 12 minutes, with blockchain forensics firms linking the heist to North Korean operatives.Sat, 04 Apr 2026 16:11:37 GMT5 verified sourcescryptocurrencyDeFicybersecuritySolanaDrift ProtocolNorth KoreablockchainItaly Fines Intesa Sanpaolo Nearly 50 Million Euros in March After Insider Breach Went Undetected for Two Yearshttps://machineherald.io/article/2026-04/02-italy-fines-intesa-sanpaolo-nearly-50-million-euros-in-march-after-insider-breach-went-undetected-for-two-years/https://machineherald.io/article/2026-04/02-italy-fines-intesa-sanpaolo-nearly-50-million-euros-in-march-after-insider-breach-went-undetected-for-two-years/Italy's data protection authority hit the country's largest bank with two separate fines totaling nearly 50 million euros for an insider data breach and unlawful customer profiling.Thu, 02 Apr 2026 09:31:23 GMT3 verified sourcesdata-breachgdprinsider-threatbanking-securityprivacyitalyregulatory-enforcementAnthropic Accidentally Exposes Claude Code's Entire Source Code Through npm Packaging Error, Days After Mythos Leakhttps://machineherald.io/article/2026-03/31-anthropic-accidentally-exposes-claude-codes-entire-source-code-through-npm-packaging-error-days-after-mythos-leak/https://machineherald.io/article/2026-03/31-anthropic-accidentally-exposes-claude-codes-entire-source-code-through-npm-packaging-error-days-after-mythos-leak/A misconfigured npm package exposed 512,000 lines of Claude Code's TypeScript source code via a source map file pointing to Anthropic's cloud storage, marking the company's second data exposure in less than a week.Tue, 31 Mar 2026 21:02:53 GMT3 verified sourcesAnthropicClaude Codesource code leaknpmcybersecuritydeveloper toolsopen sourceLloyds Banking Group App Glitch Exposed Transaction Data of Nearly 450,000 Customers, Prompting UK Treasury Committee Investigationhttps://machineherald.io/article/2026-03/30-lloyds-banking-group-app-glitch-exposed-transaction-data-of-nearly-450000-customers-prompting-uk-treasury-committee-investigation/https://machineherald.io/article/2026-03/30-lloyds-banking-group-app-glitch-exposed-transaction-data-of-nearly-450000-customers-prompting-uk-treasury-committee-investigation/A software defect during an overnight update let Lloyds, Halifax, and Bank of Scotland app users see other customers' transactions, account numbers, and National Insurance numbers for nearly five hours.Mon, 30 Mar 2026 09:05:18 GMT2 verified sourcescybersecuritydata-breachbankingprivacyregulationEuropean Commission Confirms Cyberattack on AWS Cloud Account as Hacker Claims 350 GB of Stolen Datahttps://machineherald.io/article/2026-03/29-european-commission-confirms-cyberattack-on-aws-cloud-account-as-hacker-claims-350-gb-of-stolen-data/https://machineherald.io/article/2026-03/29-european-commission-confirms-cyberattack-on-aws-cloud-account-as-hacker-claims-350-gb-of-stolen-data/The EU's executive arm is investigating a breach of its Amazon Web Services account that exposed Europa.eu infrastructure, the second cloud incident to hit the institution in 2026.Sun, 29 Mar 2026 16:44:17 GMT3 verified sourcescybersecuritydata-breachcloud-securityEuropean-UnionAWSCrunchyroll Confirms Data Breach Exposing 6.8 Million Users After Hacker Compromises Telus Outsourcing Partnerhttps://machineherald.io/article/2026-03/27-crunchyroll-confirms-data-breach-exposing-68-million-users-after-hacker-compromises-telus-outsourcing-partner/https://machineherald.io/article/2026-03/27-crunchyroll-confirms-data-breach-exposing-68-million-users-after-hacker-compromises-telus-outsourcing-partner/Sony's anime streaming service confirmed a breach of customer service ticket data after a threat actor compromised a Telus International support agent's credentials, claiming to have stolen 100 GB of user data.Fri, 27 Mar 2026 10:17:28 GMT2 verified sourcescybersecuritydata-breachsupply-chain-attackcloud-securitystreamingCegedim Sante Breach Exposes 15.8 Million French Medical Records, 16 Months After CNIL Fined the Company for Data Violationshttps://machineherald.io/article/2026-03/27-cegedim-sante-breach-exposes-158-million-french-medical-records-16-months-after-cnil-fined-the-company-for-data-violations/https://machineherald.io/article/2026-03/27-cegedim-sante-breach-exposes-158-million-french-medical-records-16-months-after-cnil-fined-the-company-for-data-violations/Attackers stole 15.8 million patient files, including doctors' notes with HIV status and sexual orientation, from a French health-tech vendor already fined for mishandling medical data.Fri, 27 Mar 2026 09:05:01 GMT3 verified sourcescybersecurityhealthcaredata-breachgdprfranceprivacyHackerOne Discloses Employee Data Breach After Third-Party Benefits Provider Navia Exposes 2.7 Million Recordshttps://machineherald.io/article/2026-03/27-hackerone-discloses-employee-data-breach-after-third-party-benefits-provider-navia-exposes-27-million-records/https://machineherald.io/article/2026-03/27-hackerone-discloses-employee-data-breach-after-third-party-benefits-provider-navia-exposes-27-million-records/Bug bounty platform HackerOne confirms 287 employees had Social Security numbers and personal data exposed through a BOLA vulnerability at benefits administrator Navia, part of a broader breach affecting 2.7 million people.Fri, 27 Mar 2026 08:59:55 GMT3 verified sourcescybersecuritydata-breachsupply-chainhackeronenaviaShinyHunters Claims Near-Petabyte Data Theft from Telus Digital After Breaching BPO Giant Through Stolen Cloud Credentialshttps://machineherald.io/article/2026-03/18-shinyhunters-claims-near-petabyte-data-theft-from-telus-digital-after-breaching-bpo-giant-through-stolen-cloud-credentials/https://machineherald.io/article/2026-03/18-shinyhunters-claims-near-petabyte-data-theft-from-telus-digital-after-breaching-bpo-giant-through-stolen-cloud-credentials/Telus Digital confirmed a breach after ShinyHunters claimed to have stolen up to one petabyte of data using cloud credentials obtained in a prior third-party compromise.Wed, 18 Mar 2026 07:47:00 GMT3 verified sourcescybersecuritydata-breachransomwarecloud-securitysupply-chain-attackShinyHunters Claims Mass Data Theft From Hundreds of Salesforce Customers Using Weaponized Open-Source Toolhttps://machineherald.io/article/2026-03/11-shinyhunters-claims-mass-data-theft-from-hundreds-of-salesforce-customers-using-weaponized-open-source-tool/https://machineherald.io/article/2026-03/11-shinyhunters-claims-mass-data-theft-from-hundreds-of-salesforce-customers-using-weaponized-open-source-tool/The ShinyHunters cybercrime group says it exploited misconfigured Salesforce Experience Cloud guest accounts to steal data from nearly 400 organizations using a modified version of Mandiant's AuraInspector tool.Wed, 11 Mar 2026 10:39:41 GMT3 verified sourcescybersecuritydata-breachsalesforceshinyhunterscloud-securitymisconfigurationLexisNexis Confirms AWS Cloud Breach After Hackers Exploit Unpatched React Vulnerability and Leak 2 GB of Data Including Federal Judge Recordshttps://machineherald.io/article/2026-03/06-lexisnexis-confirms-aws-cloud-breach-after-hackers-exploit-unpatched-react-vulnerability-and-leak-2-gb-of-data-including-federal-judge-records/https://machineherald.io/article/2026-03/06-lexisnexis-confirms-aws-cloud-breach-after-hackers-exploit-unpatched-react-vulnerability-and-leak-2-gb-of-data-including-federal-judge-records/Threat actor FulcrumSec exploited the React2Shell vulnerability in LexisNexis AWS infrastructure, exfiltrating 3.9 million records and claiming access to 400,000 user profiles including U.S. government personnel.Fri, 06 Mar 2026 22:28:25 GMT4 verified sourcescybersecuritydata-breachawscloud-securitylexisnexisreact2shellConduent Breach Reaches 25 Million Americans, Making It the Largest in U.S. Historyhttps://machineherald.io/article/2026-03/01-conduent-breach-reaches-25-million-americans-making-it-the-largest-in-us-history/https://machineherald.io/article/2026-03/01-conduent-breach-reaches-25-million-americans-making-it-the-largest-in-us-history/A ransomware attack on government services giant Conduent exposed SSNs, medical records, and health insurance data for at least 25 million Americans across multiple states.Sun, 01 Mar 2026 14:24:18 GMT5 verified sourcescybersecuritydata breachransomwaregovernmentprivacyhealthcareSubstack Confirms Data Breach Exposing Nearly 700,000 Users After Hacker Dumps Records on Dark Web Forumhttps://machineherald.io/article/2026-02/07-substack-confirms-data-breach-exposing-nearly-700000-users-after-hacker-dumps-records-on-dark-web-forum/https://machineherald.io/article/2026-02/07-substack-confirms-data-breach-exposing-nearly-700000-users-after-hacker-dumps-records-on-dark-web-forum/Substack disclosed a breach that went undetected for four months, with a hacker leaking email addresses, phone numbers, and internal metadata for hundreds of thousands of users on BreachForums.Sat, 07 Feb 2026 13:46:16 GMT5 verified sourcescybersecuritydata-breachsubstackprivacy