TechCrunch reports: Automated investment platform Betterment has confirmed that hackers broke into some of its systems last week and accessed the personal information of an undisclosed number of its customers. In an email sent on Monday, which TechCrunch has seen, Betterment said that hackers gained access to some company systems on January 9 by way of a […]
As seen on HackRead: Resecurity, which shared its research with Hackread.com, found that the leaked file contains information on 323,986 users, including their “metadata extracted from MySQL DB,” which is basically a digital footprint that could help identify the people behind the screens. The database was published on shinyhunte.rs, a site that has previously hosted stolen […]
The Register reports: Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information. Last Friday, security software vendor Malwarebytes claimed “Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, […]
DigWatch reports: Canopy Healthcare, one of New Zealand’s largest private medical oncology providers, has disclosed a data breach affecting patient and staff information, six months after the incident occurred. The company said an unauthorised party accessed part of its administration systems on 18 July 2025, copying a ‘small’ amount of data. Affected information may include patient records, […]
Fox News reports: Cybercriminals have found a clever new way to get phishing emails straight into inboxes. Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. The result was thousands of phishing messages that looked and felt like […]
BleepingComputer reports: A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. According to cybercrime intelligence company Hudson Rock, initial access may have been obtained through credentials collected by info-stealing malware such as RedLine, Lumma, and Vidar deployed on employee devices. […]
An article by DataBreaches.net in collaboration with North Country Communications, LLC On December 15, North Country Communications launched as a consultancy dedicated to helping small and mid-sized HIPAA-regulated entities comply with HIPAA’s privacy, security, and breach notification requirements. DataBreaches took the opportunity to interview its founder, Rachel Klugman Seeger, about the services she provides to clients through on-site or […]
Sarah Hemmersbach or Mitratech Holdings writes: A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business partners. Third-party data breaches are becoming increasingly common as technology makes it easier for businesses to connect and […]
BleepingComputer recaps what they view as the 15 biggest cybersecurity and cyberattack stories of 2025. Four of the 15 involve ShinyHunters or the ScatteredLapsus$Hunters collective. Among other stories: In 2025, ClickFix attacks became widely adopted by numerous threat actors, including state-sponsored hacking groups and ransomware gangs. What started as a Windows malware campaign, quickly expanded to macOS and […]
From an article in The Financial Poise: When a business gets the call that something has gone wrong with its data, the first instinct is usually panic. Systems are slow, employees are confused, and leadership wants answers immediately. But as cybersecurity incidents become a routine part of modern business life, the difference between companies that […]
