Apple Insider reports: Apple supply chain member Luxshare suffered a major data breach in December, and hackers that pilfered the files are now offering it for sale on the dark web. It looks legit. The Apple supply chain is typically a very secure system, and core to the existence of Apple itself. This leads it […]
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according to a recent court filing from the Justice Department. The DOGE team embedded at the Social Security Administration (SSA) used Cloudflare, which was not approved for storing agency data, to share data during a 10-day period in March, the […]
The Minnesota Department of Human Services’ vendor breach was not the only recent breach disclosed that affected more than 300,000 people. Monroe University in New York also disclosed a breach involving a lot of sensitive information. From their January 13 notification letter: We are posting this notice to inform our community of a data security […]
The Minnesota Star Tribune reports: A breach in a Minnesota Department of Human Services system allowed inappropriate access to the private data of nearly 304,000 people. There is not evidence the data was misused, the department said in a Jan. 16 letter notifying impacted individuals. The letter was sent about four months after the breach […]
The HIPAA Journal reports: TriZetto Provider Solutions, a Cognizant-owned provider of revenue management services to physicians, hospitals, and health systems, has started notifying certain healthcare clients about a recently identified cybersecurity incident. On October 2, 2025, suspicious activity was identified within a web portal used by some of its healthcare provider customers to access TriZetto […]
Top Class Actions reports: American Addiction Centers Inc. agreed to a $2.75 million class action lawsuit settlement to resolve claims it failed to adequately protect patients’ private information. The settlement benefits individuals whose personal information was potentially compromised in a data breach involving American Addiction Centers on or about Sept. 26, 2024, and who were […]
Help Net Security reports: Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Investigators also named the alleged organizer, a Russian national, and placed him on an international wanted list through INTERPOL. Foreign law enforcement agencies said the individual may have […]
The San Diego Union-Tribune reports: A survey by the Identity Theft Resource Center, a San Diego-based education and victim resource nonprofit, found that 38% of small businesses hit by a cyberscam or breach in the previous 12 months passed those losses to customers by raising prices. Another key finding: Cybercrime against small businesses is increasingly […]
On November 21, 2025, the University of Phoenix learned it had been affected by the Oracle E-Business Suite vulnerability that Clop threat actors had been exploiting to exfiltrate data between August 13, and August 22, 2025. The incident involved personal information for 3,489,274 people nationwide, as reported to the Maine Attorney General’s Office on December […]
Over 160,000 Companies Notify Regulators of GDPR Breaches
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a daily average of 443 in 2025, according to DLA Piper. The global law firm has been analyzing GDPR regulatory activity every year since the data protection regulation came into being in 2018. The past 12 months […]