TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom […]
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach, people notice. Brian Krebs reports: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA […]
Cybernews reports: 7-Eleven confirms its internal systems were breached in April, exposing the information of an unknown number of individuals just weeks after the ShinyHunters ransomware group listed the global convenience store chain as part of its recent “pay-or-leak” campaign. The Texas-based retail giant has now begun sending a “Notice of Security Incident” to affected […]
The Register reports: Data allegedly belonging to CTT, the operator of Portugal’s national postal service, has leaked online, affecting hundreds of thousands of individuals. According to HaveIBeenPwned, which ingested the data, a little more than 468,000 unique email addresses were included in the vast data dump, along with full names, phone numbers, and parcel tracking codes […]
BleepingComputer reports: The ShinyHunters extortion gang stole personal information belonging to over 119,000 people after hacking the Vimeo online video platform in April, according to data breach notification service Have I Been Pwned. Vimeo is a video hosting and streaming platform publicly traded on the Nasdaq stock market, with over 300 million registered users and […]
CNN reports: US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them […]
There has been yet another development in the hack-and-leak attack on edtech giant Instructure, which was targeted by the ShinyHunters gang in April. When Instructure didn’t pay the gang’s ransom demands to delete the data, ShinyHunters attacked them again, defacing Canvas login pages with a note from ShinyHunters to schools. CNN reports: An apparent cyberattack shut down an […]
Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third‑party vendor, exposed personal details. Security Affairs reports: Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third‑party analytics […]
By now, many, if not all, people are likely to be leery of text messages or voicemails claiming to be a friend or relative in great financial distress and needing you to send them money. But criminals, adapting creatively, have added a new element: they can superimpose a picture of you next to a hospital […]
The Register reports: French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from France Titres (ANTS), the agency handling secure documents. The Paris Prosecutor’s Office announced on Thursday that the minor, suspected of using the online alias “breach3d” and not named because French law protects minors, […]
