Every confirmed data breach we've indexed across 4679+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.
It took the healthcare organization nearly one year to publicly disclose a data breach after it was targeted by Inc Ransom. The post Sandhills Medical Says Ransomware Breach Affects 170,000 appeared first on SecurityWeek
A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini Shai-Hulud,” affecte
THV11 News reports: Pine Bluff School District Superintendent Dr. Jennifer Barbaree broke her silence Monday evening after a cyberattack that cost the district millions. According to district officials, the incident happ
Forescout has identified tens of thousands of exposed RDP and VNC servers that can be mapped to specific industries. The post Hundreds of Internet-Facing VNC Servers Expose ICS/OT appeared first on SecurityWeek.
cPanel fixed a critical authentication flaw that could let attackers access servers. The issue affects all supported versions. cPanel released security updates to address a critical authentication vulnerability that coul
Nogo Mania reports: The football world faces a serious security crisis. A large-scale cyberattack targeted the Asian Football Confederation, exposing sensitive data linked to more than 150,000 players and staff. The brea
The video platform Vimeo confirmed a security breach via Anodot that exposed metadata, video titles, and some user emails. Vimeo said some user data was accessed after a breach at Anodot. Anodot is a company that provide
A hacker using the alias "Xorcat" claims to have breached Polymarket using API flaws, but research suggests the leak could be just data scraping incident.
The Ukrainian police have arrested three individuals who hacked more than 610,000 Roblox gaming accounts and sold them for a profit of $225,000. [...]
On April 28, Sandhills Medical Foundation in South Carolina notified the Maine Attorney General’s Office of a data breach that affected a total of 169,017 people, only 8 of whom are Maine residents. Their notificat
The malware has filled the gap created by last year's law enforcement takedowns of Lumma and Rhadamanthys.
Michael Martin reports: Cherry Health says it is dealing with ongoing technology issues, but days into the disruption, officials have not explained what’s causing them. In a notice posted to their website, the health sy
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. [...]
When 0APT and KryBit attacked each other, they exposed infrastructure and operational data, giving defenders rare insight into ransomware operations.
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
ConnectWise ScreenConnect Path Traversal Vulnerability — ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and cri
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak appeared first on Securi
In the enterprise SaaS space, AI agents are becoming an integral part of the SaaS product. To make these intelligent agents truly useful, they need contextual, customer-specific knowledge, something standard Large Langua
The ShinyHunters group is threatening to leak stolen files unless Vimeo agrees to pay a ransom. The post Vimeo Confirms User and Customer Data Breach appeared first on SecurityWeek.
A DataBreaches.net Editorial The “BlueLeaks 2.0” data breach may be the worst privacy and data security breach affecting students that DataBreaches has seen in 20 years of reporting on breaches affecting the
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno e
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [...]
Microsoft Windows Protection Mechanism Failure Vulnerability — Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13. The post Energy and Water Management Firm Itron Hacked appeared first on SecurityWeek.