DigWatch reports: Canopy Healthcare, one of New Zealand’s largest private medical oncology providers, has disclosed a data breach affecting patient and staff information, six months after the incident occurred. The company said an unauthorised party accessed part of its administration systems on 18 July 2025, copying a ‘small’ amount of data. Affected information may include patient records, […]
Fox News reports: Cybercriminals have found a clever new way to get phishing emails straight into inboxes. Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. The result was thousands of phishing messages that looked and felt like […]
BleepingComputer reports: A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. According to cybercrime intelligence company Hudson Rock, initial access may have been obtained through credentials collected by info-stealing malware such as RedLine, Lumma, and Vidar deployed on employee devices. […]
An article by DataBreaches.net in collaboration with North Country Communications, LLC On December 15, North Country Communications launched as a consultancy dedicated to helping small and mid-sized HIPAA-regulated entities comply with HIPAA’s privacy, security, and breach notification requirements. DataBreaches took the opportunity to interview its founder, Rachel Klugman Seeger, about the services she provides to clients through on-site or […]
Sarah Hemmersbach or Mitratech Holdings writes: A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business partners. Third-party data breaches are becoming increasingly common as technology makes it easier for businesses to connect and […]
BleepingComputer recaps what they view as the 15 biggest cybersecurity and cyberattack stories of 2025. Four of the 15 involve ShinyHunters or the ScatteredLapsus$Hunters collective. Among other stories: In 2025, ClickFix attacks became widely adopted by numerous threat actors, including state-sponsored hacking groups and ransomware gangs. What started as a Windows malware campaign, quickly expanded to macOS and […]
From an article in The Financial Poise: When a business gets the call that something has gone wrong with its data, the first instinct is usually panic. Systems are slow, employees are confused, and leadership wants answers immediately. But as cybersecurity incidents become a routine part of modern business life, the difference between companies that […]
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed; however, the data breach is known to have affected approximately 80 hospitals, although a list of those hospitals has not been made public. Oracle Health has been notifying the affected healthcare provider clients, some of […]
Bloomberg News reports: Goldman Sachs Group Inc. warned investors in some of its alternative investment funds that their data may have been exposed in a breach at one of the bank’s law firms. In a Dec. 19 letter, Goldman said it had been informed of a “cybersecurity incident” by Fried Frank Harris Shriver & Jacobson LLP, which serves […]
Agencias reports a detail in the Coupang breach and arrest: Coupang, the South Korean e-commerce giant, has faced a serious data breach affecting 33.7 million customers, compromising sensitive information such as names, addresses, and phone numbers. The situation unfolded in late November when the company announced that hackers had accessed its users’ data. Since December 1, […]
