Over 160,000 Companies Notify Regulators of GDPR Breaches
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
January 22, 2026
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according
Top Class Actions reports: American Addiction Centers Inc. agreed to a $2.75 million class action lawsuit settlement to resolve claims
Preetha Suresh Rini of Robinson Bradshaw explains: In recent years, defendants in data breach class action lawsuits filed in the
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family and the Trump Organization to outlets, including The New York Times and ProPublica. The suit claims the disclosures were illegal and harmed millions by violating federal
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration in the toy’s cloud storage system. The company behind Grok had stored approximately 50,000 conversation logs in a Google Cloud Storage bucket that was inadvertently
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used in takedowns. … In a post on the XSS hacking forum this week, Stallman announced that law enforcement had “taken control of the RAMP forum.”
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a human-led, high-interaction voice phishing (“vishing”) operation designed to bypass even hardened Multi-Factor Authentication (MFA) setups. The Threat: SLSH “Supergroup” SLSH (Scattered LAPSUS$ Hunters) is an
SuspectFile reports that two well-known ransomware gangs independently attacked and encrypted files from Resource Corporation of America (RCA), a revenue cycle management business associate headquartered in Texas. What happened next is not totally clear because neither the Qilin gang nor the victim provided any details, but SuspectFile reports that the Medusa gang provided some information : Medusa subsequently leaked approximately 70 GB of data, allegedly from RCA. SuspectFile reports that it contains a lot of what appears to be protected
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family and the Trump Organization to outlets, including The New York Times and ProPublica. The suit claims the disclosures were illegal and harmed millions by violating federal
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration in the toy’s cloud storage system. The company behind Grok had stored approximately 50,000 conversation logs in a Google Cloud Storage bucket that was inadvertently
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used in takedowns. … In a post on the XSS hacking forum this week, Stallman announced that law enforcement had “taken control of the RAMP forum.”
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a human-led, high-interaction voice phishing (“vishing”) operation designed to bypass even hardened Multi-Factor Authentication (MFA) setups. The Threat: SLSH “Supergroup” SLSH (Scattered LAPSUS$ Hunters) is an
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according
Top Class Actions reports: American Addiction Centers Inc. agreed to a $2.75 million class action lawsuit settlement to resolve claims
Preetha Suresh Rini of Robinson Bradshaw explains: In recent years, defendants in data breach class action lawsuits filed in the
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a