LATEST POST
How a massive password-cracking operation spilled credentials for thousands of orgs
Ars Technica reports: Researchers have uncovered a massive breach of Fortinet firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including Oracle, Chevron, Lenovo, Federal Express, a NATO defense contractor, and Fortinet itself. Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries […]
Nintendo responds after alleged third-party data breach: Our ‘systems have not been compromised’
Mashable reports: Nintendo of North America says it’s aware of what’s been described as a small third-party data breach affecting some of its employees. “Nintendo’s systems have not been compromised,” the company told Mashable in a statement, acknowledging that a third-party service was affected by an “issue.” Earlier this week, a hacking group calling itself ShadowByte$ […]
iRhythm discloses data breach, says hackers stole patient info
Bleeping Computer reports: Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients’ personal and health information stored on third-party-hosted business applications. The company says its cardiac monitoring service has been used to analyze more than 2 billion hours of curated heartbeat data from over 12 million patients. In a filing with the […]
One threat actor demanded $50 million from Novo Nordisk. Another one demanded $25 million. Neither got paid.
DataBreaches.net reports that Novo Nordisk wasn’t attacked by just one criminal group but by two. The first group was FulcrumSec, who first contacted Novo Nordisk on June 1. After Novo Nordisk stopped responding to them, FulcrumSec leaked some of the data, providing DataBreaches.net with some exclusive material revealing how they approached the pharmaceutical giant. The […]
Labcorp Agrees to $35M Settlement to Resolve AMCA Data Breach Litigation
HIPAA Journal reports: A $35,000,000 settlement has been agreed to resolve a long-running class action lawsuit against Labcorp over a 2018 cybersecurity incident at American Medical Collection Agency. Laboratory Corporation of America Holdings (Labcorp), a provider of diagnostic testing services, had contracted with a company called Retrieval-Masters Creditor’s Bureau, Inc., which does business as American Medical […]
Novo Nordisk identifies a hacking incident; pseudoanonymized patient data from clinical trials and provider data accessed
Danish pharmaceutical firm Novo Nordisk, the world’s largest producer of insulin, and maker of GLP-1 medications Wegovy and Ozempic, has disclosed a data breach. The following is from its press release of June 11, 2026: Novo Nordisk A/S has identified an IT security incident involving unauthorised access to a limited number of internal IT systems. […]
Paylogix Discloses Ransomware Attack in November 2025
Claim Depot reports: Paylogix, a New York-based insurtech company that provides technology and billing solutions for voluntary employee benefits, disclosed a data breach that occurred in November 2025. Paylogix posted a notice of the data event on its website stating that between Nov. 13 and Nov. 18, 2025, unauthorized individuals gained access to certain Paylogix computer systems […]
Bankruptcy admin approves settlement fund of $47 million for 23andMe data breach victims
The Record reports that the court administrator approved a $47 million settlement fund, even though plaintiffs had sought $47 billion: A Missouri bankruptcy court administrator on Wednesday signed off on a deal that gives millions of victims of a 2023 data breach at 23andMe a cut of a $46.8 million settlement fund. About 7 million […]