The Record reports: France’s data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor cybersecurity practices in the wake of a data breach. In November 2022, users of a Nexpublica portal reported they could access documents about third parties. France’s data regulator, known as CNIL, investigated the incident and […]
SecurityWeek provides an update on the Coupang breach: Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach. The incident, the company said in early December, was discovered on November 18, and involved unauthorized access […]
News19 reports: Nearly a quarter of a million residents in South Carolina may have had their data exposed in a breach that occurred months earlier, according to state records. A data breach notice provided to the South Carolina Department of Consumer Affairs (SCDCA) by Prosper Marketplace Inc. on Dec. 11 stated that the company learned […]
BleepingComputer reports: A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. On December 20, a threat actor using the name “Lovely” leaked the database […]
Security Affairs reports: The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still being cracked using weak master passwords, enabling crypto theft as late as 2025. In 2022, hackers breached LastPass, stealing encrypted backups of roughly 30 million vaults containing sensitive credentials, including crypto keys. TRM […]
The Daily Hodl reports: Nearly a quarter of a million Americans are being warned that their personal and financial information may have been exposed after hackers breached a US-based financial services firm. According to disclosures made to state regulators, the accounting and advisory firm SAX LLP reported that an unauthorized party gained access to parts of its […]
The Register reports: The US says it has shut down a platform used by cybercriminals to break into Americans’ bank accounts. A law enforcement splash page now appears when trying to reach web3adspanels.org, which supported SEO poisoning campaigns designed to steal people’s bank account credentials. Criminals would pay for prime slots in search engine results, […]
There is an update the Aflac breach previously reported on this site. The Record reports: A data breach in June exposed the information of more than 22 million Aflac customers, according to a new statement from the company. The Georgia-based insurance giant published a statement on Friday about the conclusion of a months-long investigation into a cybersecurity […]
By Hunton Andrews Kurth’s Privacy and Cybersecurity Blog: On December 16, 2025, the Federal Trade Commission (“FTC”) announced an enforcement action against Illusory Systems Inc., a Utah-based company doing business as Nomad, following a major data breach in which hackers stole $186 million from consumers. The FTC alleges that Illusory Systems failed to implement adequate data security […]
AP reports: A pro-Russian hacking group claimed responsibility for a major cyberattack that halted package deliveries by France’s national postal service just days before Christmas, prosecutors said Wednesday. After the claim by the cybercrime group known as Noname057, French intelligence agency DGSI took over the investigation into the hacking attack, the Paris prosecutor’s office said in a […]
