data breach
Coverage of data breach in the Nexus archive.
- MFA-optional banks leave safe doors (and accounts) wide open for thieves to pillage
A 84-year-old woman lost $30,000 from her bank accounts after thieves exploited weak security practices, including the absence of mandatory multi-factor authentication (MFA). The attackers used stolen passwords from a data breach and created spam filters to block alerts, while financial institutions initially doubted the theft was fraudulent.
- Cyberattack on Hong Kong’s Shun Hing Group affects data of 1 million people
A cyberattack on Hong Kong's Shun Hing Group compromised the personal information of over 1 million people. The Office of the Privacy Commissioner for Personal Data confirmed an investigation into the breach, which was reported by Shun Hing Group on March 23.
- South Korea disputes US congressional report claiming discrimination against Seattle-based Coupang
South Korea's government disputed a U.S. congressional report accusing it of discriminating against Coupang, a U.S.-listed e-commerce company fined 625 billion won for a data breach affecting 37 million people. The report alleged coercive investigations by South Korean authorities, but Seoul denied the claims, stating its actions were lawful and non-discriminatory.
- South Korea disputes US congressional report claiming discrimination against Seattle-based Coupang
South Korea disputes a U.S. congressional report accusing it of discriminating against Coupang, a U.S.-listed e-commerce company fined 625 billion won for a data breach. The report claims South Korea used coercive tactics against Coupang, while Seoul asserts its actions were lawful and non-discriminatory. Coupang plans to challenge the fine in court, citing inadequate consideration of its security improvements.
- Medtronic notifies customers impacted by ShinyHunters data breach
Healthcare device company Medtronic is notifying affected customers about a data breach that exposed their personal information to an unauthorized third party. The breach is linked to ShinyHunters, a hacker group.
- Insurance giant Aflac discloses data breach after subsidiary hack
Insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information.
- Data breach exposes up to 14.2 million email logins at six ISPs
A data breach at Japanese telecommunications company KDDI Corporation exposed up to 14.2 million email logins. Threat actors accessed an email system used by five other internet service providers in Japan.
- [NL] Spammed with random french verification codes
A user is receiving SMS messages with French verification codes from an unknown sender named MRELAY. The user suspects a scam due to a recent data breach at their phone provider, which may have exposed their phone number. The sender and purpose of the messages remain unclear.
- 800,000 Texans' personal info compromised in cruise company data breach
Texas Attorney General Ken Paxton is investigating Carnival Corporation after a data breach in April compromised the personal information of 6 million people, including over 800,000 Texans.
- Texas Cyber Command detects data breach affecting more than 3 million hunting, fishing license customers
Texas Cyber Command detected a data breach affecting more than 3 million hunting and fishing license customers. The breach involved a vendor for the Texas Parks and Wildlife Department and occurred last Thursday.
- Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach
Tata Electronics, a major tech supplier to Apple and Tesla, has confirmed a data breach. The incident occurs as the company expands its role in global technology supply chains.
- [Vietnam] Strange WhatsApp message received from a Romanian number after making a hotel reservation months ago.
A UK-based individual received a suspicious WhatsApp message from a Romanian number containing their parents' personal details, hotel booking information, and a link. The message claims to be from Booking.com, despite the user booking directly with a Vietnamese hotel. The user suspects a data breach and scam.
- Kodak confirms data breach claimed by ShinyHunters extortion gang
Kodak has confirmed a data breach claimed by the ShinyHunters extortion gang and is working with external cybersecurity experts to investigate. Hackers gained access to some of the company's data.
- Bankruptcy admin approves settlement fund of $47 million for 23andMe data breach victims
The bankruptcy admin approved a $47 million settlement for victims of a data breach at 23andMe, where approximately 7 million customers had their data stolen starting in April 2023. Much of the stolen information was later posted on the dark web.
- Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk disclosed a data breach affecting patient information from some clinical trials. The breach impacts data related to clinical trials conducted by the company.
- Tchap data breach affects over 73,000 French govt employees
The French government disclosed a data breach affecting the Tchap encrypted messaging platform, which impacts over 73,000 public sector employees. The breach compromises accounts of French government workers using the platform.
- Cyber group claims California water system hack in retaliation for Iran strikes
A hacker-activist group called Handala claimed responsibility for a cyber intrusion targeting water facilities in California, stating the action was retaliation for alleged US strikes on water infrastructure in southern Iran. The group obtained data from the systems and published 5 gigabytes of evidence, warning Washington while claiming to have refrained from disrupting water supplies.
- South Korea fines Coupang record $409 million for data breach
South Korea fined Coupang $409 million for a data breach involving 34 million accounts, citing inadequate security measures. The fine includes penalties for data leaks and non-consensual data collection, with diplomatic tensions arising between South Korea and the US. Coupang's stock has dropped 35% this year following the incident.
- South Korea hits e-commerce giant Coupang with record US$409 million fine for data breach
South Korea imposed a record US$409 million fine on e-commerce giant Coupang for a data breach affecting over 30 million customers. The penalty followed a months-long investigation and sparked tensions with US lawmakers, as the company is incorporated in the United States.
- ‘South Korea’s Amazon’ hit with record fine over data breach
Coupang, referred to as 'South Korea’s Amazon,' was fined $409 million for a data breach that exposed personal information of nearly two-thirds of the country's population.
- Trumpworld connections are fueling Coupang’s clash with South Korea
Coupang, a major South Korean online retailer, faces a trade dispute with South Korea over a data breach and alleged discriminatory regulations. U.S. officials and Republican lawmakers are supporting Coupang, citing unfair treatment of American companies, which has stalled a $350 billion trade agreement. Coupang's lobbying efforts in Washington, including ties to Trump-era figures, have intensified the political and trade tensions.
- SoFi confirms third-party data breach at Hong Kong subsidiary
SoFi Hong Kong confirmed a data breach after hackers accessed a third-party vendor's database containing customer information. The breach involved a Hong Kong-based subsidiary of SoFi.
- Major hack on world's most popular cruise line exposes passports and personal information of 6 MILLION
A major hack on the world's most popular cruise line has exposed passports and personal information of 6 million individuals. The breach involved sensitive data, raising concerns about privacy and security.
- Millions of NYC Health + Hospital patients’ personal data exposed to cybercriminals in data breach, class action lawsuit claims
A data breach at NYC Health + Hospitals exposed millions of patients' and staff's personal data, including social security numbers, medical records, and biometrics, leading to a class action lawsuit. The suit alleges negligence in data protection, violating HIPAA and FTC guidelines, and claims the hospital system delayed notifying affected individuals.
- Elon Musk tries again to escape FTC audits of X data handling
Elon Musk is attempting to avoid FTC audits of X's data handling practices, which were mandated by a 20-year order requiring independent audits and document access to ensure compliance. The FTC imposed the restrictions after Twitter disclosed a data breach that exposed user phone numbers and email addresses for targeted advertising between 2013 and 2019, leading to a $150 million settlement and ongoing monitoring until 2042.
- DentaQuest data breach exposed info of 2.6 million accounts
A data breach at the dental benefits administrator DentaQuest has exposed the sensitive data of 2.6 million accounts.
- UN food agency discloses breach affecting 600,000 Gaza households
The UN's World Food Programme (WFP) disclosed a breach of its self-registration application for Palestine, affecting 600,000 Gaza households. The breach compromised the SRA, a tool used for humanitarian aid distribution in the region.
- My SSN was exposed in a breach at Columbia—a school I have no connection with
A data breach at Columbia University in June exposed 1.8 million Social Security numbers, including those of individuals with no connection to the school. The breach, attributed to a hacktivist motivated by Columbia's 'affirmative action-based' admissions, led to public notices addressed only to the university's community.
- Ultrahuman says hackers accessed customers’ wellness data via internal tool
Ultrahuman experienced a data breach where hackers accessed customers' wellness data through an internal tool. The breach occurred due to stolen credentials from a malware-infected employee laptop.
- Carnival data breach exposes personal information of nearly 6 million cruise passengers
Carnival Cruise Line experienced a data breach affecting nearly 6 million passengers, exposing personal information such as names, addresses, and government-issued IDs. The breach, discovered on April 14 via a social engineering attack, led to free credit monitoring for impacted individuals and enhanced security measures by the company.
- Carnival data breach exposes info of nearly 6M cruise travelers
Carnival Cruise Line experienced a data breach in April that exposed the personal information of nearly 6 million travelers. The company has advised affected passengers to take steps to protect their data.
- Carnival data breach exposes info of nearly 6M cruise travelers
Carnival cruise passengers may need to safeguard their personal information after a data breach in April, which exposed the information of nearly 6 million cruise travelers, according to the company.
- Carnival customer information, including passport details, impacted by data breach, cruise line says
Carnival Corporation reported a data breach caused by a social engineering attack, exposing passengers' sensitive information such as dates of birth and passport numbers. The cruise line confirmed hackers accessed this data through the attack.
- California attorney general sues 23andMe for data breach
California Attorney General Rob Bonta filed a lawsuit against the genetic testing company formerly known as 23andMe for failing to protect customer data. The suit alleges a data breach that compromised user information.
- California attorney general sues 23andMe for data breach
California Atty. Gen. Rob Bonta filed a lawsuit against the genetic testing company formerly known as 23andMe for failing to protect its customers' data. The suit alleges the company failed to safeguard sensitive genetic information.
- California sues 23andMe, alleging it failed to protect user data in 2023 breach
California's attorney general Rob Bonta sued 23andMe, alleging the company failed to protect sensitive user data in a 2023 breach affecting nearly 7 million people. The lawsuit claims the breach compromised user privacy.
- 23andMe accused of failing to protect user data in new lawsuit
A lawsuit alleges that 23andMe failed to protect user data during a 2023 breach, accusing the genetic testing company of not safeguarding user information.
- California Attorney General sues 23andMe successor for 2023 data breach
California Attorney General Rob Bonta has sued the successor of 23andMe over a 2023 data breach, alleging the company misrepresented the breach's severity.
- Could the 7-Eleven breach affect you?
7-Eleven experienced a data breach exposing 185,000 unique email addresses and personal information like names, dates of birth, and physical addresses. The breach, linked to a 2026 extortion campaign by ShinyHunters, involved unauthorized access to systems storing franchisee documents, not customer purchase data.
- Carnival confirms ShinyHunters cruised off with 6M customer records after April breach
Carnival Corporation confirmed a data breach affecting nearly 6 million customers after a social engineering attack on April 14. Hacking group ShinyHunters claimed to have stolen terabytes of data, including personal information like names, addresses, and identification numbers. Carnival is offering free credit monitoring to affected individuals and has enhanced its security measures.