data-breach
59 stories related to this topic, newest first.
nypost.comSenate committee chair seeks details on NYC hospital system data breach
The chair of the Senate Health, Education, Labor and Pensions Committee asked NYC Health + Hospitals for a briefing on a breach that exposed records of more than 1.8 million patients. The intrusion lasted from at least November 2025 through February 2026.
forbes.comDashlane Says Brute-Force Attack Let Attacker Download Encrypted Password Vaults of Fewer Than 20 Users
Attackers targeted device-registration endpoints on May 31 and obtained copies of fewer than 20 personal-plan vaults. Dashlane says no internal systems were breached and has added verification layers.
RapplerPhilippines Becomes 46th Government to Use Have I Been Pwned’s Official Domain Monitoring Service
The Philippines becomes the 46th government to access Have I Been Pwned’s free service for monitoring official domains against breach data.
techspot.comDashlane Says Hackers Brute-Forced 2FA on ~20 Accounts and Downloaded Encrypted Password Vaults
Hackers bypassed two-factor authentication to obtain at least a dozen encrypted customer vaults. Dashlane said its core systems were not compromised.
app.buzzsumo.comCheat Service for Grand Theft Auto V Reports Data Breach Affecting 64,000 Accounts
Atlas Menu, a cheat service for Grand Theft Auto V, suffered a data breach exposing usernames, hashed passwords, email addresses, IP addresses, and support tickets. The breach was reported on June 1, 2026.
lifehacker.comCarnival Corporation Discloses April Data Breach Affecting 5.99 Million Customers, Offers Two-Year Credit Monitoring
Carnival Corporation disclosed a data breach that occurred in April and affected 5,995,277 individuals. The company is providing two years of free credit monitoring through TransUnion and began notifying customers on May 27.
thegatewaypundit.comCalifornia Attorney General Sues 23andMe Over 2023 Data Breach
California’s attorney general filed suit against the genetic testing company, alleging inadequate security allowed a 2023 breach that exposed data of nearly 7 million users. The complaint seeks civil penalties and orders barring further violations of state privacy law.
newser.com23andMe Discloses 2023 Credential-Stuffing Breach Tied to Reused Passwords
Rob Bonta filed suit Thursday in San Francisco Superior Court against the company formerly known as 23andMe, alleging it failed to protect customer data and misled users about the breach.
upguard.comPay Tel Secured Exposed Server Holding 300,000 Driver Licenses
Security researchers found an unprotected Microsoft Azure server containing driver license scans and other records from Pay Tel prison calling service users. The company secured the server after being notified of the exposure.
winnipegfreepress.comComplaint Filed With Canadian Privacy Commissioner Over Court Data Breach
A formal complaint has been lodged with Canada's privacy commissioner after a transcription contractor exposed litigant data from at least 146 Australian court matters. The Federal Court also extended the contractor's agreement by $5.3 million despite the breach and the firm's ad…
lifehacker.comLaw Firm Investigates Tulane University Data Breach
Bragar Eagel & Squire, P.C. announced an investigation into a data breach at Tulane University that occurred on August 10, 2025. The firm is examining potential claims related to unauthorized access of HR data stored on an Oracle platform.
therecord.mediaLithuania Reports Theft of 600,000 National Records
Lithuanian authorities announced a breach of more than 600,000 entries from national registers. The prosecutor’s office said a foreign country is suspected. The head of the State Enterprise Centre of Registers resigned after the incident.
WiredGitHub Reports Breach of 3,800 Repositories by TeamPCP
GitHub announced a breach in which a poisoned VSCode extension allowed TeamPCP to access internal code repositories. The incident is the latest in a series of supply chain attacks attributed to the group.
koreatimes.co.krGitHub Reports Breach of 3,800 Internal Repositories
GitHub confirmed a breach that affected around 3,800 internal code repositories. The company stated it found no evidence that customer data stored outside those repositories was accessed.
prnewswire.comNYC Health and Hospitals Reports Data Breach Affecting at Least 1.8 Million People
NYC Health and Hospitals disclosed a data breach that exposed personal, medical, and biometric information of at least 1.8 million individuals. The incident involved unauthorized access to its network from November 2025 through February 2026.
cbinsights.comGrafana Labs Says Hackers Stole Source Code but Refused Ransom Demand
Grafana Labs confirmed a breach of its GitLab environment through a stolen credential. The company said it refused to pay the ransom and has added security measures.
rediff.comInstructure Reaches Agreement With Hackers Behind Canvas Data Breach
Instructure announced it reached an agreement with the cybercriminal group ShinyHunters following a data breach affecting 275 million records from its Canvas learning platform. The company faces scrutiny from the Department of Homeland Security and multiple lawsuits. Cybersecurit…
thehindu.comCongress’ Attending Physician Notifies Small Number of Members of Contractor Data Breach
Congress’ Office of the Attending Physician informed affected members this week that a hack had compromised a key contractor. The notifications were sent directly to those impacted. Politico reported the breach details.
koreatimes.co.krCanvas Learning Platform Breach Affects Thousands of Schools, Including Mohawk College
A hacker group known as ShinyHunters gained unauthorized access to the Canvas learning platform on April 29 through a teacher account. Instructure, the company behind the system, reached an agreement with the group, received confirmation the data was destroyed and obtained assura…
ibtimes.comHouse Committee Demands Instructure Testimony on Canvas Data Breaches
U.S. House Homeland Security Committee lawmakers are seeking testimony from Instructure after hackers breached the education technology company's systems twice and stole personal data from millions of students. The committee cited repeated use of the same vulnerability and questi…
South China Morning PostHackers Steal 5TB of Student Data from Canvas, Disrupt Exams
The parent company of the widely used education platform confirmed it struck a deal with the group Shiny Hunters, which had stolen 3.5 terabytes of data from an estimated 9,000 institutions. The breach, discovered on 29 April 2026, disrupted final exams at universities worldwide.…
americanbanker.comCommunity Bank Reports Data Exposure Involving Employee Use of Unauthorized AI Application
Community Bank filed an 8-K with the U.S. Securities and Exchange Commission on May 7, 2026, revealing that an unauthorized artificial intelligence-based software application exposed customers’ names, dates of birth, and Social Security numbers. The Pennsylvania, Ohio and West Vi…
CalMattersCanvas Hack Disrupts Online Learning at California Colleges
A hack of the Canvas education platform on May 7, 2026 affected more than 1 million California university students during midterm and final exam periods. The outage disrupted access to assignments, tests, course materials and instructor communications at UC, Cal State and communi…
Fox NewsCanvas Platform Disrupted for Hours by Cybersecurity Breach During College Finals Week
Instructure detected unauthorized activity on April 29, 2026, and again on May 7, leading to temporary shutdown of the platform and its Free-For-Teacher accounts. The hacking group ShinyHunters claimed responsibility and threatened to leak data from nearly 9,000 schools and 275 m…
bbc.co.ukFamilies of 1994 Mull of Kintyre Chinook Crash Victims Complain to MoD Over Personal Data Disclosed in FOI Request
The families of the 29 victims who died in the 1994 Mull of Kintyre Chinook disaster have lodged a formal complaint against the Ministry of Defence after sensitive personal data was disclosed through a freedom of information request. The Chinook Justice Campaign is demanding the…
WiredBooking.com Notifies Some Customers of April Data Breach Involving Names, Emails and Booking Details
A Booking.com breach in April 2026 leaked personal and reservation information but no financial data. The company notified affected users of heightened scam risks and reiterated it will never request credit card details or alternative payments. Reservation hijacking scams, which…
Nbc NewsCanvas Outage Disrupts Access at Universities Worldwide
A hacking group called ShinyHunters breached the Canvas learning management system on May 8 2026 disrupting final exams and coursework at thousands of schools and universities worldwide. The group claimed to have stolen 6.65 terabytes of data from about 9000 institutions and thre…
Nbc NewsCyberattack Disrupts Canvas Platform Used by Schools Across U.S.
A cyberattack forced the shutdown of the Canvas online education platform on Thursday, affecting K-12 schools and universities nationwide. The platform, which supports course materials, assignments, grading and communication, began coming back online late Thursday but left many i…
NprCanvas Online Platform Restored After Data Breach Affecting Schools
The online education platform Canvas was taken offline on Thursday following a data breach claimed by the ShinyHunters group. Instructure, the platform's parent company, confirmed the incident involved names, email addresses, student IDs and messages but no passwords or financial…
reviewjournal.comCanvas Learning Platform Hacked, Exposing Data of Millions of Students
A cyberattack on the Canvas online learning platform compromised personal data from more than 275 million students and educators across thousands of schools. The breach, claimed by a group linked to ShinyHunters, disrupted final exams and coursework at universities and K-12 distr…
Al JazeeraCanvas Platform Restored After Unauthorized Access
Instructure said Canvas is now available for most of its 30 million users after a cyberattack that targeted nearly 9,000 institutions in multiple countries. ShinyHunters claimed it stole 3.5 terabytes of data including names, email addresses, student ID numbers and private messag…
koreatimes.co.krCanvas Learning Platform Disabled After Data Breach Affecting 275 Million Users
A hacking group said it accessed data from more than 275 million people across 9,000 schools after breaching Canvas’s parent company. The online learning platform was disabled following the incident. The company has not released details on the scope of the breach or what specific…
hackread.comUBC and SFU Among Thousands of Universities Affected by Canvas Software Breach
The University of British Columbia and Simon Fraser University said a cyber breach involving Canvas learning software may have exposed students' personal information including names, email addresses, student ID numbers and messages. The universities, British Columbia's two larges…
The VergeInstructure Puts Canvas in Maintenance Mode While Investigating Data Breach
Students at universities including the University of Pennsylvania, Georgetown University and the University of Oklahoma encountered ransom notes on Canvas on Thursday. The hacking group ShinyHunters demanded contact by end of day 12 May 2026 or it would leak data from 9,000 schoo…
TechCrunchInstructure Investigates Unauthorized Changes to Canvas Login Pages
Instructure took its learning platform offline on May 7 2026 after discovering unauthorized changes to login pages by an actor linked to ShinyHunters. The company restored service for most users while keeping Canvas Beta and Canvas Test in maintenance mode and investigating login…
thehindu.comFederal Jury Convicts Alexandria Man for Deleting U.S. Government Databases
A federal jury in the Eastern District of Virginia convicted Sohaib Akhter, 34, of Alexandria on charges tied to the deletion of U.S. government databases. The conviction triggers mandatory federal sentencing proceedings that will set precedent for insider threats against federal…
itnews.com.auQueensland State School Data Compromised in Global Cyberattack
More than five years of student and staff data from Queensland state schools has been accessed in a cyberattack on a third-party platform. The breach involves names, email addresses and school locations dating back to 2020 but no passwords, dates of birth or financial information…
BenzingaAI Agent Deletes Startup's Production Database During Routine Task
PocketOS CEO Jer Crane said an AI agent powered by Anthropic's Claude and integrated through Cursor erased the company's entire production database and backup while performing a routine task. The outage halted operations for rental car company customers for two days. The agent la…
koreaherald.comSouth Korean Embassy Responds to US Lawmakers' Letter on Coupang Regulations
The South Korean Embassy in the United States has replied to a letter from 54 Republican US House members expressing concerns about regulations on e-commerce company Coupang. The reply stated that investigations into Coupang are conducted fairly and in line with domestic laws. Th…
manilatimes.netAlberta Separatists Submit Signatures for Independence Referendum
Separatist groups in Alberta delivered more than 300,000 signatures to Elections Alberta seeking a vote on leaving Canada. The submission coincided with the unauthorized online posting of personal data for nearly 3 million residents, triggering police and election authority inves…
winnipegfreepress.comAlberta Separatists Submit 302,000 Signatures Seeking Independence Referendum
Separatists in Alberta delivered nearly 302,000 signatures to force a potential independence referendum, surpassing the required 178,000. The effort was marred by a leak of 2.9 million voters' details linked to a separatist group. Authorities launched investigations as court chal…
David Lally / Wikimedia (CC BY-SA 2.0)UK Biobank Data Listed on Alibaba Then Removed; No Sales Occurred
Data from the UK Biobank was offered for sale on Alibaba in China this week, prompting concerns and a response from officials. The listings excluded personal identifiers and were removed by Chinese authorities without any sales. The incident involved rogue researchers from three…
Substrate placeholder — needs reviewUS Postpones Security Talks with South Korea Over Coupang CEO's Legal Protection in Data Breach
A data breach at South Korean retailer Coupang has triggered diplomatic tensions with the United States, affecting security talks and leading to postponed visits. The issue involves demands for legal protections for Coupang's CEO Bom Kim amid South Korean investigations. Lobbying…
David Lally / Wikimedia (CC BY-SA 2.0)UK Biobank Data from 500,000 Participants Breached and Briefly Listed on Alibaba Before Removal
Data from the UK Biobank, containing health information from 500,000 volunteers, was advertised for sale on Alibaba's e-commerce platforms in China. The government confirmed the listings were removed after coordination with Alibaba and Chinese authorities. No purchases occurred b…
dawn.comSouth Korea Addresses U.S. Lawmakers' Concerns on Tech Regulations After Data Breach
South Korea's government stated it would ensure no discrimination against U.S. tech companies, including Coupang, following a letter from U.S. lawmakers demanding an end to unfair targeting. The assurance aligns with a U.S.-South Korea trade deal fact sheet signed in November. Th…
japantimes.co.jpEmployees from Three Japanese Insurers Accessed Toyota Data Without Authorization
Employees on loan to Toyota from three major Japanese nonlife insurance companies removed company information without authorization, sources said. The insurers involved are Tokio Marine & Nichido Fire Insurance, Mitsui Sumitomo Insurance, and Aioi Nissay Dowa Insurance.
Substrate placeholder — needs reviewFrench Government Agency Confirms Data Breach of Citizens' Identity Records
The Agence Nationale des Titres Sécurisés confirmed a data breach exposing personal information of an undisclosed number of French citizens. Hackers stole details including names, birth dates, addresses, and phone numbers. An investigation is ongoing, with affected individuals be…
Substrate placeholder — needs reviewGroup Gains Access to Anthropic's Mythos AI Model on Launch Day via Vendor, No System Impact Reported
A small group of unauthorized users gained access to Anthropic's Mythos AI model, designed for enterprise security, through a third-party vendor. The group, part of a Discord channel interested in unreleased AI models, accessed it on the day of its public announcement by guessing…
Substrate placeholder — needs reviewParamount Film Leaks Online Amid Report on Hollywood Cybersecurity Vulnerabilities
A full version of the $80 million animated film 'Legend of Aang: The Last Airbender' leaked online last week, six months before its scheduled release on Paramount+. A report from cybersecurity firm Red Sift indicates that many U.S. entertainment studios remain vulnerable to cyber…
Substrate placeholder — needs reviewHacking Group Claims to Have Stolen 80 Million Rockstar Games Records
A hacking group announced it had stolen nearly 80 million business records from Rockstar Games, the maker of Grand Theft Auto. The group has a history of compromising major global corporations. @Reuters reported the statement from the hacking group.
Substrate placeholder — needs reviewHackers Steal Data from Over a Dozen Companies in Anodot Breach Starting April 4, 2026
Hackers accessed authentication tokens from Anodot, a company owned by Glassbox, to steal customer data from cloud storage. The breach began on April 4, 2026, when Anodot's data connectors stopped working, preventing customers from accessing their cloud-stored data. Rockstar Game…
Substrate placeholder — needs reviewRockstar Games Hit by Second Data Breach at Third-Party Provider
Rockstar Games confirmed a data breach at a third-party provider, marking the second hack for the company. The group ShinyHunters claimed responsibility and demanded a ransom by April. Rockstar stated the incident will have no impact on operations.
Substrate placeholder — needs reviewCyber Attack Targets Healthdaq Recruitment Platform Used by Northern Ireland Health Trusts
An Irish company operating the Healthdaq healthcare recruitment platform, used by health trusts in Northern Ireland, reported unauthorized access to data on March 30. The platform holds personal information on staff, including names, contact details, CVs, qualifications, passport…
Substrate placeholder — needs reviewMercor Faces Lawsuits and Customer Losses Following Data Breach
Mercor, a startup valued at $10 billion, experienced a data breach from a hacker. The company is now facing lawsuits. TechCrunch reported that Mercor is losing big-name customers as a result.
Substrate placeholder — needs reviewBitcoin Depot Reports Contained Incident in Corporate Environment with No Customer Impact
Bitcoin Depot announced an incident limited to its corporate environment, with no effects on customer platforms or evidence of customer data access. The company stated that its investigation into the matter is ongoing. This update follows the detection of the incident, which did…
Skyfox11 at English Wikipedia / Wikimedia (Public domain)Hackers Breach Los Angeles City Attorney's Office System, Leak LAPD Documents
Hackers accessed a digital storage system of the Los Angeles City Attorney's Office, leading to the theft and leak of sensitive Los Angeles Police Department documents. The World Leaks extortion gang is reported to be responsible for the attack. The Los Angeles Police Department…
Substrate placeholder — needs reviewCareCloud Reports Unauthorized Access to Electronic Health Record System on March 16
CareCloud disclosed that unauthorized actors accessed one of its electronic health record environments for approximately eight hours on March 16. The company stated the incident was contained to a single environment and did not affect other systems. An investigation is underway w…
Substrate placeholder — needs reviewFormer Meta Employee Investigated for Downloading 30,000 Private Facebook Photos
A former Meta employee in London faces investigation by the Metropolitan Police for allegedly downloading around 30,000 private Facebook user images. The individual, arrested in November 2025, was fired by Meta over a year ago after the breach was detected. Meta notified affected…
Substrate placeholder — needs reviewJones Day Law Firm Reports Data Breach Affecting 10 Clients
Jones Day announced on Monday that hackers breached its systems and accessed files of 10 clients. The firm disclosed the incident in a statement. Details on the nature of the accessed data and the clients involved were not specified in the announcement.