LATEST POST
Google ends dark web personal data leak alerts from January 15
The International News reports: Google is discontinuing the use of the Dark Web Report service, which notified users when their own information was available online or on the dark web. This will come to an end as the service stops searching for new results from January 15, and the data will all be deleted by […]
BreachForums Database of 323,986 BreachForums Users Leaked
As seen on HackRead: Resecurity, which shared its research with Hackread.com, found that the leaked file contains information on 323,986 users, including their “metadata extracted from MySQL DB,” which is basically a digital footprint that could help identify the people behind the screens. The database was published on shinyhunte.rs, a site that has previously hosted stolen […]
Meta admits to Instagram password reset mess, denies data leak
The Register reports: Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information. Last Friday, security software vendor Malwarebytes claimed “Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, […]
Patients notified months after Canopy Healthcare cyber incident
DigWatch reports: Canopy Healthcare, one of New Zealand’s largest private medical oncology providers, has disclosed a data breach affecting patient and staff information, six months after the incident occurred. The company said an unauthorised party accessed part of its administration systems on 18 July 2025, copying a ‘small’ amount of data. Affected information may include patient records, […]
Hackers abuse Google Cloud to send trusted phishing emails
Fox News reports: Cybercriminals have found a clever new way to get phishing emails straight into inboxes. Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. The result was thousands of phishing messages that looked and felt like […]
Cloud file-sharing sites targeted for corporate data theft attacks
BleepingComputer reports: A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. According to cybercrime intelligence company Hudson Rock, initial access may have been obtained through credentials collected by info-stealing malware such as RedLine, Lumma, and Vidar deployed on employee devices. […]
HIPAA Compliance and Breach Communications: Helpful Tips for SMBs
An article by DataBreaches.net in collaboration with North Country Communications, LLC On December 15, North Country Communications launched as a consultancy dedicated to helping small and mid-sized HIPAA-regulated entities comply with HIPAA’s privacy, security, and breach notification requirements. DataBreaches took the opportunity to interview its founder, Rachel Klugman Seeger, about the services she provides to clients through on-site or […]
Third-Party Data Breaches: What You Need to Know
Sarah Hemmersbach or Mitratech Holdings writes: A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business partners. Third-party data breaches are becoming increasingly common as technology makes it easier for businesses to connect and […]