Over 160,000 Companies Notify Regulators of GDPR Breaches
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
January 22, 2026
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according
Top Class Actions reports: American Addiction Centers Inc. agreed to a $2.75 million class action lawsuit settlement to resolve claims
Preetha Suresh Rini of Robinson Bradshaw explains: In recent years, defendants in data breach class action lawsuits filed in the
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient records breached in incidents. The 2025 Breach Barometer report, which includes more than HIPAA-covered entities, found that 77% of breached patient records resulted from business associate breaches. Some business associate breaches affect millions of patients or consumers. In the U.S. healthcare sector, the Change Healthcare breach was the largest reported to date, affecting more than 190 million patients. Costs for
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family and the Trump Organization to outlets, including The New York Times and ProPublica. The suit claims the disclosures were illegal and harmed millions by violating federal
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration in the toy’s cloud storage system. The company behind Grok had stored approximately 50,000 conversation logs in a Google Cloud Storage bucket that was inadvertently
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used in takedowns. … In a post on the XSS hacking forum this week, Stallman announced that law enforcement had “taken control of the RAMP forum.”
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a human-led, high-interaction voice phishing (“vishing”) operation designed to bypass even hardened Multi-Factor Authentication (MFA) setups. The Threat: SLSH “Supergroup” SLSH (Scattered LAPSUS$ Hunters) is an
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient
The Record reports: A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers,
Updates to two business associate breaches reveal that millions of patients have been impacted by third-part breaches, with Healthcare Interactive’s
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient records breached in incidents. The 2025 Breach Barometer report, which includes more than HIPAA-covered entities, found that 77% of breached patient records resulted from business associate breaches. Some business associate breaches affect millions of patients or consumers. In the U.S. healthcare sector, the Change Healthcare breach was the largest reported to date, affecting more than 190 million patients. Costs for
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family and the Trump Organization to outlets, including The New York Times and ProPublica. The suit claims the disclosures were illegal and harmed millions by violating federal
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration in the toy’s cloud storage system. The company behind Grok had stored approximately 50,000 conversation logs in a Google Cloud Storage bucket that was inadvertently
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used in takedowns. … In a post on the XSS hacking forum this week, Stallman announced that law enforcement had “taken control of the RAMP forum.”
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according
Top Class Actions reports: American Addiction Centers Inc. agreed to a $2.75 million class action lawsuit settlement to resolve claims
Preetha Suresh Rini of Robinson Bradshaw explains: In recent years, defendants in data breach class action lawsuits filed in the
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient
The Record reports: A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers,
Updates to two business associate breaches reveal that millions of patients have been impacted by third-part breaches, with Healthcare Interactive’s
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient