News - The Data Breach Times

September 18, 2025

409 views 3 secs 0

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks

Bleeping Computer reports: The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data […]

September 17, 2025

494 views 6 mins 0

Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison

From the U.S. Department of Justice, September 16, 2025: Fitzpatrick will be serving his prison sentence at FCI Danbury.

Legal News, Data Breach News, News

September 17, 2025

105 views 21 secs 0

China slaps 1-hour deadline on reporting serious cyber incidents

The Register reports that coming soon, entities in China will have only one hour from discovery to report a serious cyber incident — or even only 30 minutes if it is very serious: From November 1, the Cyberspace Administration of China (CAC) will enforce its new National Cybersecurity Incident Reporting Management Measures, a sweeping set of […]

Data Breach News, News

September 13, 2025

565 views 2 mins 0

Gucci, Balenciaga, Brioni, and Alexander McQueen allegedly hit by Salesforce attacks

More high-end retailers have reportedly fallen prey to Salesforce attacks. As first reported by DataBreaches.net, Gucci customer data was stolen last year. The data included more than 43 million records with customers’ names, age range, month and date of birth, email addresses, mobile phone numbers, addresses, total sales prices, and some additional information. The records […]

Healthcare, Data Breach News, Miscellaneous News, News, Vulnerabilities

September 10, 2025

610 views 10 secs 0

HHS Releases Updated Security Risk Assessment Tool

From HHS OCR:

Data Breach News, Malware Ransomware, News

September 09, 2025

630 views 36 secs 0

18 Popular Code Packages Hacked, Rigged to Steal Crypto

KrebsOnSecurity reports: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn […]

News, Data Breach News, Legal News

September 05, 2025

802 views 2 mins 0

Texas sues PowerSchool For Data Breach That Compromised the Personal Information of Over 880,000 Texas School-Aged Children and Teachers

From Texas Attorney General Ken Paxton: Attorney General Ken Paxton filed suit against PowerSchool, a California-based provider of cloud-based services for K-12 schools, after an unprecedented data breach exposed the sensitive personal identifying information and protected health information of more than 880,000 Texas school-aged children and teachers. PowerSchool’s software collects, processes, and secures sensitive information […]

Data Breach News, News

September 04, 2025

741 views 2 mins 0

Hackers linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack

The Guardian reports: A group of English-speaking hackers linked to the Marks & Spencer cyber-attack has claimed responsibility for an attack on Jaguar Land Rover. A channel on the Telegram platform posted a screenshot of what appeared to be the carmaker’s internal IT systems, as well as a news article detailing the hack. The name of […]

Data Breach News, News

September 03, 2025

135 views 10 secs 0

Palo Alto Networks data breach exposes customer info, support cases

Bleeping Computer reports that Palo Alto Networks (PAN) has become another victim of the Salesloft Drift / Salesforce campaign: Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company states that it was […]

Consumer Alerts, Data Breach News, News

August 31, 2025

103 views 2 mins 0

Google issues warning for all Gmail users

Updated September 1, 2025: Google issued a warning to all Gmail users, but then responded to headlines suggesting that there was any urgent problem or major security concern. Read Geekspin’s coverage, below, and then Google’s statement from September 1. Cyber threat looms for Gmail users following Salesforce data breach Google has issued a stark warning […]