Hackread – Cybersecurity News, Data Breaches, AI, and More
ShinyHunters, a known hacking group, has reportedly leaked data from several companies, including SoundCloud, Crunchbase, and Betterment. The leak is said to involve the personal information of millions of users, raising serious concerns about data security and privacy. This incident follows previous breaches attributed to the group, which has a history of targeting various organizations. The potential for more leaks has been hinted at by the group, suggesting that the situation could worsen. This breach not only affects the companies involved but also puts the personal information of countless users at risk, emphasizing the ongoing challenges of cybersecurity in today's digital landscape.
Under Armour is currently investigating a data breach that may have exposed approximately 72 million records. The company has stated that, so far, there is no evidence suggesting that the breach affected systems responsible for processing payments or storing customer passwords. This incident raises concerns about the potential exposure of personal data, which could include details such as email addresses and other sensitive information. For users of Under Armour's services, the situation is alarming as it may lead to phishing attempts or identity theft. The company is taking steps to understand the full scope of the breach and to protect its customers moving forward.
Under Armour is currently investigating a significant data breach after approximately 72 million customer records were discovered online, allegedly posted by a cybercriminal. The leaked data includes personal information that could impact a large number of individuals who have engaged with the brand, which is known for its sportswear and fitness accessories. This incident raises serious concerns about data security and the potential risks to affected customers, including identity theft and fraud. As Under Armour works to assess the situation and secure its systems, customers are advised to monitor their accounts for any unusual activity. The breach serves as a reminder of the importance of strong cybersecurity measures in protecting personal information.
A recent report from DLA Piper shows that over 160,000 companies have reported breaches to European GDPR regulators, marking a 22% increase in notifications compared to previous years. This surge indicates that businesses are becoming more aware of their obligations under the GDPR and are taking steps to comply with reporting requirements. The increase in notifications could also reflect a rise in actual data breaches or a heightened awareness of data privacy issues. Companies that fail to report breaches risk facing significant fines, which can be as much as 4% of their annual global revenue. This trend is crucial because it emphasizes the ongoing challenges organizations face in protecting personal data and maintaining compliance with data protection laws.
A significant spam wave is hitting users globally, stemming from unsecured Zendesk support systems. Victims are reporting receiving hundreds of unsolicited emails with unusual and sometimes alarming subject lines, raising concerns about the safety and security of their information. This incident indicates a serious lapse in security measures, as attackers are exploiting vulnerabilities in the ticketing system to send out mass spam. The situation is alarming as it not only affects individuals but could also lead to broader security issues if sensitive information is compromised. Companies using Zendesk should review their security protocols to prevent unauthorized access and protect their users from being targeted in this way.
PcComponentes, a well-known tech retailer in Spain, is facing scrutiny after claims surfaced about a data breach affecting 16 million customers. The company has denied these allegations but acknowledged that it experienced a credential stuffing attack. This type of attack occurs when hackers use stolen credentials from one service to access accounts on another, raising concerns about the security of customer data. While PcComponentes insists that the data breach claims are unfounded, the incident still raises alarms about the potential vulnerabilities faced by online retailers. Customers should be vigilant and consider changing their passwords, especially if they use the same credentials across multiple sites.
The Everest ransomware group has claimed responsibility for a data breach affecting McDonald's India. They provided screenshots as proof, which reportedly include sensitive information such as financial reports, audit trails, pricing data, and internal communications. This incident raises concerns about the security of corporate data and the potential implications for customer trust and business operations. Companies need to take this threat seriously and evaluate their cybersecurity measures to prevent similar breaches. The exposure of such sensitive data could lead to financial losses and reputational damage for McDonald's India.
Hackers are taking advantage of poorly configured web applications that are designed for security training and testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP. These applications are being used as gateways to access the cloud environments of various Fortune 500 companies and security vendors. The attackers exploit these misconfigurations to infiltrate systems that should ideally serve as safe environments for testing security measures. This situation raises serious concerns for companies that rely on these tools for internal security practices, as it exposes them to potential data breaches and unauthorized access. Organizations need to ensure that their security testing applications are correctly configured to prevent exploitation by malicious actors.
Hackread – Cybersecurity News, Data Breaches, AI, and More
A security lapse at a Carlsberg exhibition exposed attendees' personal information due to a poorly secured wristband system. This system allowed unauthorized access to sensitive data, such as visitor photos, videos, and full names. Despite attempts by a researcher to report the vulnerability, their concerns were ignored for several months, raising questions about the company's response to security issues. The incident underscores the need for better data protection practices, especially at public events where personal information is collected. This breach not only affects the individuals whose data was exposed but also damages Carlsberg's reputation as a secure event organizer.
USB drives pose a significant security risk for enterprises, as they can easily introduce malware into corporate networks. Researchers warn that these small devices often go unchecked and can lead to data breaches or unauthorized access. Many organizations still rely on USB drives for data transfer, making them an attractive target for cybercriminals. The ease of use and widespread availability means that employees might unwittingly use infected drives, compromising sensitive information and systems. Companies should implement strict policies regarding the use of USB drives and consider investing in security solutions that can monitor and control their use.
SK Telecom, a leading telecommunications company in South Korea, is challenging a hefty $91 million fine imposed by the Personal Information Protection Commission. This penalty was a result of a cyberattack in April that compromised the personal data of all 23 million of the company's users. The breach raised significant concerns about data security and the responsibilities of companies to protect customer information. By contesting the fine, SK Telecom is not only seeking to mitigate financial repercussions but also potentially setting a precedent for how data breaches are handled in the future. This incident serves as a reminder of the ongoing risks companies face in safeguarding sensitive user data.
Hackread – Cybersecurity News, Data Breaches, AI, and More
The Everest ransomware group has claimed responsibility for a data breach involving McDonald's India, potentially affecting customer information. This incident raises significant concerns about the security of customer data, as ransomware attacks often lead to sensitive information being stolen or compromised. McDonald's India has not yet confirmed the breach or provided details about the extent of the data involved. Ransomware attacks like this can damage a company's reputation and erode customer trust, especially in a market where data privacy regulations are becoming stricter. As the situation unfolds, customers and stakeholders will be closely monitoring how McDonald's responds and what measures are put in place to prevent future incidents.
Ingram Micro, a major technology distributor, experienced a data breach that compromised the personal information of approximately 42,000 individuals. The breach was detected on July 3, 2025, prompting the company to initiate an investigation with cybersecurity experts to assess the extent of the incident. The affected data may include sensitive details, although specifics about what information was accessed have not been disclosed. This incident raises concerns about the security practices in place at Ingram Micro and the potential risks faced by those whose information was exposed. As the investigation continues, affected individuals should remain vigilant for any signs of identity theft or phishing attempts.
Hackread – Cybersecurity News, Data Breaches, AI, and More
RansomHouse, a known cybercriminal group, claims to have breached Luxshare, a major contractor for Apple. However, as of now, there is no tangible evidence to support this claim, and the links associated with the breach are currently offline. This situation raises concerns because Luxshare plays a critical role in Apple's supply chain, and any data breach could potentially compromise sensitive information related to Apple's operations. The lack of verification means that while the claim exists, its legitimacy remains uncertain. Companies in similar sectors should remain vigilant as the situation develops, given the potential risks from such threats.
Ingram Micro, a major player in the information technology sector, experienced a ransomware attack in July 2025 that compromised the personal data of over 42,000 individuals. The breach raises serious concerns about data security and the potential misuse of sensitive information, as attackers often seek to exploit such data for financial gain or identity theft. The scale of the incident highlights the ongoing risks that companies face from cyber threats, particularly in the IT sector, which is often targeted due to its critical role in global infrastructure. Affected individuals should remain vigilant for signs of identity theft and consider monitoring their accounts for unusual activity. Organizations must strengthen their cybersecurity measures to prevent similar incidents in the future.