Incindent List - 2026 2025 2024 2023 2021 2020 2019 2018
DATE |
NAME |
Info | CATEG. |
WEB |
| 25.1.26 | Okta SSO accounts targeted in vishing-based data theft attacks | Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. | Incindent | |
| 25.1.26 | Hackers breach Fortinet FortiGate devices, steal firewall configs | Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. | Incindent | |
| 25.1.26 | Online retailer PcComponentes says data breach claims are fake | PcComponentes, a major technology retailer in Spain, has denied claims of a data breach on its systems impacting 16 million customers, but confirmed it suffered a credential stuffing attack. | Incindent | |
| 25.1.26 | Hacker admits to leaking stolen Supreme Court data on Instagram | A Tennessee man has pleaded guilty to hacking the U.S. Supreme Court's electronic filing system and breaching accounts at the AmeriCorps U.S. federal agency and the Department of Veterans Affairs. | Incindent | |
| 25.1.26 | Jordanian pleads guilty to selling access to 50 corporate networks | A Jordanian man has pleaded guilty to operating as an "access broker" who sold access to the computer networks of at least 50 companies. | Incindent | |
| 25.1.26 | CIRO confirms data breach exposed info on 750,000 Canadian investors | The Canadian Investment Regulatory Organization (CIRO) confirmed that the data breach it suffered last year impacts about 750,000 Canadian investors. | Incindent | |
| 18.1.26 | Grubhub confirms hackers stole data in recent security breach | Food delivery platform Grubhub has confirmed a recent data breach after hackers accessed its systems, with sources telling BleepingComputer the company is now facing extortion demands. | Incindent | |
| 18.1.26 | France fines Free Mobile €42 million over 2024 data breach incident | The French data protection authority (CNIL) has imposed cumulative fines of €42 million on Free Mobile and its parent company, Free, for inadequate protection of customer data against cyber threats. | Incindent | |
| 18.1.26 | Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners | Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP customer and Microsoft licensing data. | Incindent | |
| 18.1.26 | Victorian Department of Education says hackers stole students’ data | The Department of Education in Victoria, Australia, notified parents that attackers gained access to a database containing the personal information of current and former students. | Incindent | |
| 18.1.26 | Monroe University says 2024 data breach affects 320,000 people | Monroe University revealed that threat actors stole the personal, financial, and health information of over 320,000 people after breaching its systems in a December 2024 cyberattack. | Incindent | |
| 18.1.26 | Central Maine Healthcare breach exposed data of over 145,000 people | A data breach last year at Central Maine Healthcare (CMH) exposed sensitive information of more than 145,000 individuals. | Incindent | |
| 18.1.26 | Belgian hospital AZ Monica shuts down servers after cyberattack | Belgian hospital AZ Monica was forced to shut down all servers, cancel scheduled procedures, and transfer critical patients earlier today due to a cyberattack. | Incindent | |
| 17.1.26 | Target's dev server offline after hackers claim to steal source code | Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform. After BleepingComputer notified Target, the files were taken offline and the retailer's developer Git server was inaccessible. | Incindent | |
| 17.1.26 | Spanish energy giant Endesa discloses data breach affecting customers | Spanish energy provider Endesa and its Energía XXI operator are notifying customers that hackers accessed the company's systems and accessed contract-related information, which includes personal details. | Incindent | |
| 17.1.26 | Prevent cloud data leaks with Microsoft 365 access reviews | Microsoft 365 has made file sharing effortless, but that convenience often leaves organizations with little visibility into who can access sensitive data. Tenfold explains how access reviews for shared cloud content can help organizations regain visibility, reduce unnecessary permissions, and prevent data leaks in Microsoft 365. | Incindent | |
| 17.1.26 | Instagram denies breach amid claims of 17 million account data leak | Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. | Incindent | |
| 17.1.26 | California bans data broker reselling health data of millions | The California Privacy Protection Agency (CalPrivacy) has taken action against the Datamasters marketing firm that sold the health and personal data of millions of users without being registered as a data broker. | Incindent | |
| 12.1.26 | Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud | Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a- | Incindent | The Hacker News |
| 11.1.26 | BreachForums hacking forum database leaked, exposing 324,000 accounts | The latest incarnation of the notorious BreachForums hacking forum has suffered a data breach, with its user database table leaked online. | Incindent | |
| 11.1.26 | Illinois Department of Human Services data breach affects 700K people | The Illinois Department of Human Services (IDHS), one of Illinois' largest state agencies, accidentally exposed the personal and health data of nearly 700,000 residents due to incorrect privacy settings. | Incindent | |
| 11.1.26 | Illinois man charged with hacking Snapchat accounts to steal nude photos | U.S. prosecutors have charged an Illinois man with orchestrating a phishing operation that allowed him to hack the Snapchat accounts of nearly 600 women to steal private photos and sell them online | Incindent | |
| 9.1.26 | Sedgwick confirms breach at government contractor subsidiary | Claims administration and risk management company Sedgwick has confirmed that its federal contractor subsidiary, Sedgwick Government Solutions, was the victim of a security breach. | Incindent | |
| 9.1.26 | Cloud file-sharing sites targeted for corporate data theft attacks | A threat actor known as Zestix has been offering to corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. | Incindent | |
| 9.1.26 | US broadband provider Brightspeed investigates breach claims | Brightspeed, one of the largest fiber broadband companies in the United States, is investigating security breach and data theft claims made by the Crimson Collective extortion gang. | Incindent | |
| 9.1.26 | Ledger customers impacted by third-party Global-e data breach | Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment processor Global-e. | Incindent | |
| 9.1.26 | NordVPN denies breach claims, says attackers have "dummy data" | NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained "dummy data" from a trial account on a third-party automated testing platform. | Incindent | |
| 4.1.26 | Covenant Health says May data breach impacted nearly 478,000 patients | The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May. | Incindent | |
| 3.1.26 | Disney will pay $10 million to settle children's data privacy lawsuit | A federal judge has approved an order requiring Disney to pay a $10 million civil penalty to settle claims that it violated the Children's Online Privacy Protection Act by mislabeling videos and allowing data collection for targeted advertising. | Incindent | |
| 3.1.26 | Coupang to split $1.17 billion among 33.7 million data breach victims | Coupang, the largest retailer in South Korea, announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers whose information was exposed in the data breach discovered last month. | Incindent | |
| 3.1.26 | Coupang to split $1.17 billion among 33.7 million data breach victims | Coupang, the largest retailer in South Korea, announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers whose information was exposed in the data breach discovered last month. | Incindent | |
| 3.1.26 | Korean Air data breach exposes data of thousands of employees | Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked. | Incindent | |
| 3.1.26 | Hacker claims to leak WIRED database with 2.3 million records | A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. | Incindent | |
| 3.1.26 | Massive Rainbow Six Siege breach gives players billions of credits | Ubisoft's Rainbow Six Siege (R6) suffered a breach that allowed hackers to abuse internal systems to ban and unban players, manipulate in-game moderation feeds, and grant massive amounts of in-game currency and cosmetic items to accounts worldwide. | Incindent |