LATEST POST
Texas sues PowerSchool For Data Breach That Compromised the Personal Information of Over 880,000 Texas School-Aged Children and Teachers
From Texas Attorney General Ken Paxton: Attorney General Ken Paxton filed suit against PowerSchool, a California-based provider of cloud-based services for K-12 schools, after an unprecedented data breach exposed the sensitive personal identifying information and protected health information of more than 880,000 Texas school-aged children and teachers. PowerSchool’s software collects, processes, and secures sensitive information […]
Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack
GBHackers reports: Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration with Salesloft Drift. The incident, which occurred between August 12-17, 2025, resulted in the exposure of customer support case data and potentially sensitive credentials shared through support channels. The cybersecurity company became aware […]
Dutch Lab Cancer Screening Hack Balloons to 941,000 Victims
BankInfoSecurity reports: With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients – nearly double the initial estimate of 485,000 people. Bevolkingsonderzoek Nederland, […]
District of Arizona Clarifies Causes of Action Available for Breach of Health Data
Healthcare providers wrestling with the legal fallout of cyber-attacks just received a fresh reminder from the District of Arizona: traditional tort and contract theories remain difficult to sustain after a breach, but consumer-fraud statutes can keep a case alive. In Johnson v. Yuma Regional Medical Center, fourteen patients sued the hospital after a ransomware incident exposed […]
Hackers linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack
The Guardian reports: A group of English-speaking hackers linked to the Marks & Spencer cyber-attack has claimed responsibility for an attack on Jaguar Land Rover. A channel on the Telegram platform posted a screenshot of what appeared to be the carmaker’s internal IT systems, as well as a news article detailing the hack. The name of […]
More Personal Injury Lawyers Are Chasing Data-Breach Settlements
“U.S. lawyers filed 1,488 class-action lawsuits related to data breaches in 2024, up from 1,320 in 2023 and just 604 in 2022.” The Wall Street Journal reports: A growing number of personal injury lawyers are adding data-breach lawsuits to caseloads, alongside traffic accidents, medical malpractice and dog bites. The upswing is being fueled by a […]
Palo Alto Networks data breach exposes customer info, support cases
Bleeping Computer reports that Palo Alto Networks (PAN) has become another victim of the Salesloft Drift / Salesforce campaign: Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company states that it was […]
Zscaler data breach exposes customer info after Salesloft Drift compromise
Cybersecurity company Zscaler has disclosed that it suffered a data breach after threat actors gained access to its Salesforce instance and stole customer information, including the contents of support cases. Bleeping Computer reports: This warning follows the compromise of Salesloft Drift, an AI chat agent that integrates with Salesforce, in which attackers stole OAuth and refresh tokens, […]