All CosmicBytez Labs articles tagged #Data Breach, across news, security advisories, how-to guides, and projects.
Former Colorado election clerk Tina Peters, convicted for her role in an election security breach, struck an unrepentant pose in her first interview after Colorado Governor Jared Polis commuted her prison sentence — vowing to continue her legal fight.
California Attorney General Rob Bonta filed a lawsuit against 23andMe — now Chrome Holding Co. — over its failure to protect millions of customers'...
ShinyHunters stole personal information from 4.9 million Charter Communications accounts in an April 2026 hack, confirmed via Have I Been Pwned.
Noteworthy cybersecurity stories from the week: Trump Mobile exposes customer data, phishers target 2026 FIFA World Cup fans, and CISA responds to recent...
A North Carolina man was sentenced to more than 10 years in federal prison for selling the personal information of over 7 million elderly Americans to...
Carnival Corporation, the world's largest cruise operator, confirms a breach affecting nearly 6M people after ShinyHunters' April 2026 extortion claim.
A reported breach of 5.8M Uruguayan records is the latest in a growing pattern of attackers monetizing Latin American government citizen data.
Dutch police arrested a suspect over a cyber breach at Ajax football club, seizing digital storage devices from his home in the town of Buren.
ShinyHunters has leaked data allegedly stolen from 7-Eleven containing email addresses, names, physical addresses, and dates of birth for approximately 185,000.
The ShinyHunters extortion gang stole the personal information of over 185,000 customers after breaching convenience store giant 7-Eleven in April 2026, with.
Immigration law practice management software DocketWise has disclosed a data breach affecting 143,000 individuals, with hackers accessing names, addresses.
Microsoft patches a CVSS 8.8 SharePoint RCE; the Megalodon campaign poisons 5,561 GitHub repos in six hours; 7-Eleven's ShinyHunters breach hits 185,000; and a.
Radiology Associates of Richmond has disclosed a cyberattack in which threat actors stole files containing names and protected health information belonging to.
An unnamed oncology institute has disclosed a data breach originating from a third-party vendor compromise, with TriZetto cited as one possible candidate.
Grafana confirmed attackers stole internal source code and data after a GitHub token compromised in the TanStack npm supply chain attack was never...
Members of Congress are demanding answers from CISA after a contractor intentionally published AWS GovCloud access keys and a trove of agency secrets on a...
The 2026 Verizon Data Breach Investigations Report highlights how evolving social engineering tactics are making the healthcare sector more vulnerable,...
GitHub has confirmed that hackers who stole 3,800 internal repositories gained access through a malicious version of the Nx Console VS Code extension...
GitHub is investigating unauthorized access to thousands of internal repositories after an employee device was compromised through the TanStack npm supply...
GitHub has officially confirmed it was breached by the TeamPCP threat actor after the group advertised stolen internal source code on a cybercrime forum....
GitHub has confirmed a data breach in which the TeamPCP threat actor stole approximately 4,000 internal repositories. The company states no customer data...
GitHub is investigating unauthorized access to its internal repositories after the TeamPCP threat actor listed approximately 4,000 GitHub internal repos...
Grafana Labs has revealed that its May 2026 source code breach was caused by a single GitHub workflow token that was inadvertently missed during the token...
Grafana Labs confirms its GitHub environment was breached through the TanStack npm supply chain attack, exposing public and private source code...
A Microsoft Exchange zero-day is being exploited with no patch in sight; Verizon DBIR 2026 marks a landmark shift — vulnerability exploitation now...
Convenience store giant 7-Eleven has confirmed a data breach after the ShinyHunters extortion group publicly claimed responsibility for the attack. The...
Verizon's 2026 Data Breach Investigations Report reveals a landmark shift: vulnerability exploitation has surpassed credential abuse as the leading breach...
7-Eleven has confirmed a data breach after ShinyHunters claimed to have stolen more than 600,000 Salesforce records containing personal information and...
Grafana has confirmed a security breach after the Coinbase Cartel cybercrime group — linked to ShinyHunters, Scattered Spider, and Lapsus$ — claimed to...
Grafana Labs confirmed that hackers downloaded its source code after breaching its GitHub environment using a stolen access token. The attackers attempted...
Multiple healthcare data breaches impacting hundreds of thousands to millions of individuals have been added to the HHS breach tracker, continuing a...
Grafana has disclosed that an unauthorized party obtained a GitHub access token, used it to download the company's entire codebase, and then attempted...
Other noteworthy stories this week: Big Tech firms push back against Canada's encryption legislation, Cisco releases a free AI security specification, and...
The non-bank lender discovered a ransomware attack nearly one year ago but only recently completed its investigation, notifying over 123,000 individuals...
The TeamPCP threat group claims to have stolen source code repositories from Mistral AI and is advertising them for sale on criminal forums, threatening...
OpenAI confirmed that two employees' devices were compromised during the TanStack supply chain attack, which hit hundreds of npm and PyPI packages. The...
Telehealth platform OpenLoop Health has disclosed that a January 2026 cyberattack resulted in the exfiltration of personal information belonging to...
Foxconn, the world's largest electronics manufacturer, confirmed a cyberattack on its North American factories claimed by the Nitrogen ransomware gang,...
Electronics manufacturing giant Foxconn has confirmed a cyberattack on its North American operations after the Nitrogen ransomware group claimed...
The House Committee on Homeland Security has demanded a briefing from Instructure, the company behind the Canvas LMS platform, after a ransomware attack...
Škoda Auto, the Czech automaker wholly owned by Volkswagen Group, has disclosed a data breach after attackers compromised its official online shop and...
Educational technology company Instructure, parent of Canvas LMS, has reached an undisclosed 'agreement' with the ShinyHunters extortion group after a...
The UK's Information Commissioner's Office has fined South Staffordshire Water Plc and its parent company £963,900 ($1.3 million) after a cyberattack...
West Pharmaceutical Services, a global manufacturer of drug delivery systems and packaging, has taken systems offline worldwide after hackers exfiltrated...
West Pharmaceutical Services filed an SEC disclosure warning that hackers breached the company on May 4, stole data, and encrypted systems — forcing a...
Google confirms the first AI-generated zero-day in the wild; TeamPCP's Mini Shai-Hulud worm hits TanStack, Mistral AI, and Guardrails AI; Instructure pays...
Hackers exploited a vulnerability in Skoda's online shop portal to access customer personal data including names, addresses, email addresses, and phone...
The UK's Information Commissioner's Office fined South Staffordshire Water nearly £1 million after the Cl0p ransomware group maintained undetected access...
Resetting compromised passwords is a natural first response to a breach, but it's not enough. Cached credentials, Kerberos ticket grants, and persistent...
A data extortion attack against Canvas LMS defaced login pages with a ransom demand, disrupting classes and coursework at school districts and...
ShinyHunters has struck education technology giant Instructure again, exploiting a fresh vulnerability to deface Canvas login portals across hundreds of...
General Motors has agreed to pay over $12 million to settle California privacy violations under the CCPA after sharing detailed driver behavior data —...
Dozens of universities were forced to reschedule final examinations after a cybercriminal group displayed threatening messages through Canvas, the widely...
California regulators have issued a record $12 million settlement against General Motors for sharing OnStar driving behavior data with insurers without...
Trellix, the enterprise security vendor formed from the merger of McAfee Enterprise and FireEye, has suffered a source code breach claimed by the...
Hackers gained access to Zara's customer databases and stole personal information belonging to more than 197,000 individuals, with the breach surfacing...
NVIDIA has confirmed that GeForce NOW user data was exposed in a data breach, with the incident specifically affecting users in Armenia. The company...
The RansomHouse threat group has claimed responsibility for the Trellix source code repository breach disclosed last week, leaking a set of proof images...
A newly disclosed critical vulnerability in cPanel and WHM tracked as CVE-2026-41940 is being mass-exploited by ransomware actors to breach web hosting...
Instructure, the company behind the widely used Canvas learning management system, has disclosed a cybersecurity incident and is investigating its scope....
Cybersecurity vendor Trellix has confirmed unauthorized access to a portion of its source code repository, engaging leading forensic experts to assess the...
French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the agency responsible for...
French authorities took a 15-year-old into police custody on April 25 over suspected involvement in a data breach targeting ANTS, the National Agency for...
Moldova's national health insurance agency CNAM has disclosed a cyberattack that occurred several weeks ago, with technical assessments indicating a...
Healthcare organization took nearly one year to publicly disclose a data breach after being targeted by Inc Ransom ransomware, with approximately 170,000...
The Vercel breach, traced to a compromised third-party AI tool with OAuth access, illustrates how Shadow AI adoption and unchecked OAuth integrations are...
Medical device giant Medtronic has confirmed a data breach after the ShinyHunters cybercrime group claimed to have stolen records belonging to 9 million...
Vimeo has confirmed that customer and user data was accessed without authorization following a security breach at Anodot, a data anomaly detection...
ShinyHunters hits Medtronic and ADT in the same week, exposing millions of records; a critical one-push RCE lands in GitHub; LiteLLM's pre-auth SQL...
Checkmarx has confirmed that data from its GitHub repositories has been published on the dark web following an investigation into the March 23 supply...
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier...
Medical device giant Medtronic has disclosed a data breach after hackers claimed to have stolen data from 9 million individuals across the company's...
Pro-Ukrainian hacktivist group PhantomCore has been attributed to a sustained campaign targeting TrueConf video conferencing servers across Russia since...
Itron, Inc. has disclosed a cybersecurity incident via SEC Form 8-K in which an unauthorized third party accessed certain internal systems at the utility...
Home security giant ADT confirmed that cybercriminals breached its systems and stole a limited set of customer and prospective customer information. The...
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. With stolen credentials now the single largest...
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to publish stolen data unless a ransom is paid,...
A critical SQL injection vulnerability in the end-of-life Borg SPM 2007 application allows unauthenticated remote attackers to inject arbitrary SQL...
Vercel has expanded its breach investigation tied to the Context.ai supply chain compromise and identified additional customer accounts with unauthorized...
France Titres, the French government agency responsible for issuing and managing administrative documents, has confirmed a cyberattack after a threat...
Vercel has confirmed a security breach in which limited customer credentials were exposed after an employee's workstation was compromised through malware...
France Titres, the French government agency responsible for issuing administrative identity documents, has confirmed a data breach after a threat actor...
Vercel confirms breach through a compromised third-party AI coding tool; North Korean hackers attributed to a $290 million crypto theft; 6,400 Apache...
Vercel confirmed suffering a breach after a hacker claiming to be part of ShinyHunters offered to sell stolen data for $2 million, affecting the company...
Vercel's security breach originated from the compromise of Context.ai, a third-party AI tool used by a company employee, allowing attackers to gain...
Stolen OAuth tokens from a compromised employee AI tool enabled attackers to pivot into Vercel's internal systems. Security researchers warn that...
The Vercel security breach originated at Context.ai after an employee downloaded Lumma Stealer disguised as Roblox cheat software. The incident exposes...
A ransomware campaign operating since at least 2019 has persistently targeted Turkish home users and small-to-medium businesses, largely evading major...
Prompt injection vulnerabilities in Salesforce Agentforce and Microsoft Copilot would have allowed unauthenticated attackers to exfiltrate sensitive CRM...
Cloud development platform Vercel has confirmed a security incident after threat actors claimed to have stolen internal databases, API keys, tokens, and...
Credential-based attacks now dominate the threat landscape, and traditional detection models are failing. Here are the fundamental shifts cybersecurity...
ShinyHunters exploited compromised Okta SSO credentials to breach the Hims & Hers Zendesk customer support platform, exposing treatment category data for...
A data breach of the Los Angeles city attorney's office systems has exposed sensitive LAPD law enforcement files, with social media posts advertising 7.7...
Bitcoin Depot, one of North America's largest Bitcoin ATM operators, has filed an SEC disclosure revealing a cyberattack in which threat actors gained...
Eurail B.V. has confirmed that a December 26, 2025 breach exposed the personal data of 308,777 individuals — including passport copies, IBAN bank details,...
Bitcoin Depot, operator of one of the largest Bitcoin ATM networks in North America, disclosed that attackers stole $3.665 million in Bitcoin from its hot...
Eurail has disclosed a December 2025 data breach in which a hacker stole 1.3 TB of data including passport numbers for over 300,000 customers, source...
Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen, enabling...
The FBI's Internet Crime Complaint Center reports that U.S. victims lost nearly $21 billion to cyber-enabled crimes in 2025 — an all-time record — driven...
SecurityWeek reports that the Medusa ransomware group has developed a dangerous capability: rapidly weaponizing newly disclosed vulnerabilities —...
Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...
IBM's 2025 Cost of a Data Breach Report puts the average breach at $4.4 million — but that headline figure understates the true damage when credential...
Microsoft warns that Medusa ransomware operators are exploiting zero-day vulnerabilities approximately one week before public disclosure, enabling the...
Researchers from the University of Toronto have demonstrated GPUBreach, a novel attack that induces Rowhammer bit-flips in GPU GDDR6 memory to bypass...
Infostealers are harvesting credentials and session cookies at scale, quietly bypassing MFA and traditional defenses. Here's why organizations need...
ENISA has officially attributed the massive European Commission data breach — and a wider campaign affecting 30 EU institutions — to the TeamPCP hacking...
The European Commission has confirmed a major data breach of its AWS environment, with over 300GB of data stolen — including personal information of EU...
Telehealth giant Hims & Hers Health is warning customers of a data breach after support tickets were stolen from a third-party customer service platform,...
Nacogdoches Memorial Hospital in Texas has disclosed a January 2026 data breach in which a threat actor accessed its internal network and stole personal...
As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are taking credit and creating a murky attribution...
CERT-EU has attributed the European Commission cloud account compromise to the TeamPCP threat group, revealing the breach exposed sensitive data from at...
The accidental exposure of Anthropic's Claude Code source code via an npm packaging error is the latest reminder that software supply chains need...
The Qilin ransomware group has claimed responsibility for an attack against German political party Die Linke, forcing an IT systems outage and threatening...
A large-scale credential harvesting campaign has been observed exploiting the React2Shell vulnerability (CVE-2025-55182) as an initial infection vector,...
A hacking group claimed to have breached the file-transfer system used by a company that provides services to Nissan and Infiniti dealerships across North...
Anthropic confirmed that internal source code for its Claude Code AI coding assistant was accidentally published to npm due to a human packaging error. No...
Cisco has suffered a major cyberattack after threat actors leveraged stolen credentials from the recent Trivy supply chain compromise to breach its...
The Netherlands Ministry of Finance has taken its treasury banking portal offline after detecting a cyberattack that went undetected for roughly two...
A new underground platform called Leak Bazaar positions itself as a data-processing business, offering to monetize stolen records on behalf of ransomware...
A new report reveals how industrialized credential theft has become the common thread connecting ransomware campaigns, SaaS platform breaches, and...
The European Commission has confirmed a data breach after its Europa.eu web platform was compromised in an attack claimed by the ShinyHunters extortion gang.
CareCloud has notified the U.S. Securities and Exchange Commission of a cyberattack that may have resulted in the unauthorized access and potential...
Healthcare IT company CareCloud has disclosed a cyberattack that resulted in the theft of sensitive patient data and caused an eight-hour network outage,...
Iran-linked Handala hackers have breached the personal email account of FBI Director Kash Patel, publishing stolen photos and documents in a high-profile...
ShinyHunters claimed a breach of Infinite Campus on March 22, 2026, after gaining access through an employee's Salesforce account. The K-12 student...
Iran's Handala Hack Team breached the personal email of FBI Director Kash Patel, leaking photos and documents online, while simultaneously launching a...
The European Commission is investigating a security breach after a threat actor gained unauthorized access to its Amazon Web Services cloud environment...
Russian authorities have detained a suspected administrator of LeakBase, a major stolen-data marketplace with over 147,000 subscribers, just weeks after...
Researchers say the GitHub leak of the DarkSword iOS exploit chain — six chained vulnerabilities targeting iOS 18.4 through 18.7 — threatens to...
Russian law enforcement has arrested the alleged administrator of LeakBase — a credential marketplace operating since 2021 with 142,000 members and...
This week: the DarkSword iOS exploit chain published on GitHub threatens to democratize nation-state-grade iPhone hacking; CanisterWorm turns the Trivy...
QualDerm Partners, a national dermatology network operating 158 practices across 17 states, disclosed a December 2025 data breach that exposed the medical...
A compromised private key allowed an attacker to mint $80 million in unbacked USR stablecoins on the Resolv DeFi protocol, extract $24.5 million in ETH,...
Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8...
Mazda Motor Corporation has disclosed a security incident detected in December 2025 in which unauthorized access to a warehouse management system exposed...
A cyberattack on French healthcare software vendor Cegedim Santé exposed 15.8 million patient records from 3,800 doctors, with leaked data including...
The Qilin ransomware-as-a-service group has listed Malaysia Airlines on its leak site, claiming access to passenger records, personnel files, and...
The Trivy open-source vulnerability scanner was compromised in a supply chain attack by the threat group TeamPCP, which hijacked 75 release tags and...
Former incident responder Ryan Goldberg and ransomware negotiator Kevin Martin admitted to running ALPHV/BlackCat ransomware operations against five US...
Plano-based fintech vendor Marquis disclosed that a ransomware attack exploiting a SonicWall firewall vulnerability compromised Social Security numbers,...
Navia Benefit Solutions has confirmed a data breach that exposed personal and health plan information belonging to approximately 2.7 million individuals,...
Navia Benefit Solutions has notified nearly 2.7 million individuals of a data breach that exposed sensitive personal and health-related information to...
Trivy, Aqua Security's widely used open-source vulnerability scanner, was compromised a second time in a month. Attackers hijacked 75 GitHub Actions tags...
Texas fintech Marquis Software Solutions has confirmed a ransomware attack in August 2025 exposed data of 672,000+ individuals and disrupted operations at...
A new Grip Security report analyzing 23,000 SaaS environments finds 100% of companies operate shadow AI they cannot see or control — with a 490% spike in...
This week: GlassWorm escalates with 72 malicious Open VSX extensions and a GitHub token force-push campaign poisoning hundreds of Python repos; CISA adds...
England Hockey, the national governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware group listed...
Canadian telecom giant Telus Digital has confirmed a security incident after the ShinyHunters hacking group claimed to have stolen nearly 1 petabyte of...
This week: UNC6426 weaponizes a stale npm supply chain compromise to seize full AWS admin in 72 hours, Cognizant TriZetto leaks 3.4 million patient...
Ericsson's U.S. subsidiary has disclosed a data breach after attackers hacked a third-party service provider between April 17–22, 2025, exposing names,...
TriZetto Provider Solutions, a Cognizant subsidiary serving 875,000 US healthcare providers, has confirmed a 2024 cyberattack went undetected for nearly a...
LexisNexis Legal & Professional confirms a data breach after threat actor FulcrumSec exploited an unpatched React2Shell vulnerability to exfiltrate 2.04...
An unprotected MongoDB instance belonging to identity verification firm IDMerit left over 1 billion personal records — including SSNs, passport numbers,...
A repackaged dataset containing 176 million AT&T customer records — including 148 million now-decrypted Social Security numbers — began circulating among...
The HellCat ransomware group has breached Swiss enterprise communications provider Ascom by exploiting Jira credentials harvested through infostealer...
Blockchain-based lending platform Figure Technology Solutions confirms a data breach affecting nearly 1 million customers after ShinyHunters exploited an...
The ShinyHunters cybercriminal syndicate has published stolen data from Harvard University and the University of Pennsylvania after both institutions...
Japan Airlines reveals unauthorized access to its Same-Day Baggage Delivery Service reservation system compromised personal data of up to 28,000...
A threat actor has published a database allegedly containing 19,000 user records from WormGPT, the underground AI platform marketed for offensive hacking...
The January 2025 ransomware attack on government technology giant Conduent continues to expand in scope, now confirmed to affect 15.4 million in Texas and...
The French Economy Ministry confirmed that a hacker stole credentials from a government official and accessed France's FICOBA centralized bank account...
Data extortion group ShinyHunters posts 1.67 GB of alleged Canada Goose customer data including names, emails, addresses, and partial payment card...
A misconfigured Google Firebase backend in the Chat & Ask AI app exposed 300 million private chatbot conversations from 25 million users, including...
The Netherlands' largest mobile network operator Odido has disclosed a data breach affecting 6.2 million customers, exposing names, addresses, bank...
South Korea's data protection authority has fined three LVMH luxury brands a combined $25 million for data breaches affecting millions of customers, with...
A hacker revealed 6.8 billion email addresses online on February 11, 2026, in one of the largest email database leaks in history, raising concerns about...
The ShinyHunters hacking group published a 760 MB archive of 5.1 million Panera Bread customer records on the dark web after the company refused to pay a...
Substack CEO Chris Best disclosed a data breach on February 5 affecting approximately 700,000 users, after an unauthorized party accessed the platform...
Government technology provider Conduent's January 2025 ransomware breach now confirmed to affect at least 15.4 million people in Texas alone, with 8TB of...
Information management giant Iron Mountain clarifies that alleged 1.4TB breach was limited to marketing materials after single credential compromise.
Threat intelligence reports show 8 active ransomware groups claimed 26 victims on February 2nd alone, with major corporations including BASF and Honeywell...
WorldLeaks extortion group claims responsibility for a data breach on Nike, allegedly exposing 1.4 terabytes of internal data including supply chain and...
Qilin ransomware group claims responsibility for massive healthcare breach, stealing 850GB of sensitive patient data across multiple states. Initial...
Telegram is investigating claims that a threat actor is selling data from 30 million users. The company denies any breach of its systems while the...
Claims administration firm Sedgwick confirms cybersecurity incident at government subsidiary after TridentLocker ransomware group claims theft of 3.4 GB...