Articles tagged "Data Breach"

Found 550 articles

Korean Air reported a data breach linked to a cyberattack on its catering and duty-free supplier, KC&D. This incident has compromised the personal information of approximately 30,000 employees. The breach originated from KC&D, which provides in-flight catering services and operates a duty-free shop for Korean Air. As a result, sensitive data, likely including names and possibly other personal details, may be at risk. This incident raises concerns about the security of third-party vendors and the potential for further exploitation of the leaked data.

Read Original

A former customer support agent at Coinbase has been arrested in India after allegedly assisting hackers in stealing sensitive customer data from the company's database. The individual reportedly provided login credentials and other confidential information, which allowed the hackers to access customer accounts. This incident raises concerns about insider threats within companies that handle sensitive financial information. Coinbase, a major cryptocurrency exchange, is now facing scrutiny regarding its internal security measures and employee vetting processes. The breach could undermine customer trust and highlights the importance of robust security protocols to protect user data from both external and internal threats.

Read Original

Korean Air has reported a data breach that has compromised the personal information of thousands of its employees. The incident occurred due to a cyberattack on Korean Air Catering & Duty-Free (KC&D), a supplier that was previously a subsidiary of the airline. While the exact details of the data exposed have not been disclosed, such breaches can lead to serious privacy risks for those affected. This incident raises concerns about the security measures in place at third-party vendors and the potential ripple effects on employee trust and company reputation. As companies increasingly rely on external partners, ensuring robust cybersecurity across the supply chain is crucial.

Read Original

Coupang, a major ecommerce platform, is responding to a significant data breach that has affected approximately 33.7 million users. In an effort to compensate for the breach, the company plans to issue $1.17 billion in purchase vouchers to those impacted. This incident raises concerns about the security of personal data in the ecommerce sector and the potential risks users face when their information is compromised. The breach highlights the ongoing challenges that large online retailers encounter in safeguarding customer data. Users should remain vigilant about their personal information and monitor their accounts for any unusual activity.

Read Original
Actively Exploited

A newly discovered vulnerability in MongoDB, referred to as MongoBleed, poses a significant risk by allowing remote attackers to extract sensitive information from affected servers without authentication. This flaw has been exploited in real-world attacks, raising alarms among organizations that utilize MongoDB for their data management. The vulnerability's ability to leak data could expose sensitive customer information, business secrets, and other critical data. Companies using MongoDB should prioritize patching their servers to mitigate potential breaches. It's crucial for users to remain vigilant and ensure their systems are secure against this emerging threat.

Read Original

A serious vulnerability known as MongoBleed (CVE-2025-14847) is currently being exploited, exposing over 80,000 MongoDB servers on the public internet. This flaw affects multiple versions of MongoDB, allowing attackers to potentially access sensitive information stored on these servers. The scale of the exposure raises significant security concerns, as many organizations may not be aware that their databases are at risk. Companies using affected MongoDB versions should take immediate action to secure their data and prevent unauthorized access. Failure to address this vulnerability could lead to severe data breaches and loss of sensitive information.

Read Original

Condé Nast has reported a significant data breach involving the personal information of 2.3 million subscribers from WIRED.com. The hacker, known as 'Lovely', posted the leaked data on December 20, 2025, on a hacking forum called Breach Stars. In addition to the WIRED records, the hacker claims to have access to data from up to 40 million more users associated with other Condé Nast brands. This breach raises serious concerns about the security of personal information held by major publishers and the potential for further exposure of sensitive data. Users affected by this incident may face risks such as identity theft and phishing attacks, emphasizing the need for vigilance in monitoring their accounts and personal information.

Read Original
Actively Exploited

The 2022 LastPass breach continues to pose risks, as attackers are still able to crack encrypted vault backups using weak master passwords. This vulnerability allows for potential cryptocurrency theft, with experts from TRM Labs warning that such thefts could occur as late as 2025. Users who stored sensitive information in LastPass and have not changed their passwords are particularly at risk. This incident emphasizes the importance of using strong, unique passwords and regularly updating them, especially after a security breach. As the situation evolves, individuals and businesses using LastPass should remain vigilant and consider additional security measures.

Read Original
Critical
Hacker Leaks 2.3M Wired.com Records, Claims 40M-User Condé Nast Breach

Hackread – Cybersecurity News, Data Breaches, AI, and More

Actively Exploited

A hacker known as 'Lovely' has leaked personal data from over 2.3 million Wired.com accounts, claiming to have access to a larger trove of data that includes 40 million user records from Condé Nast, the parent company of Wired. This breach raises significant concerns for users who may have had their sensitive information exposed, including email addresses and potentially other personal details. The hacker shared the leaked data on a dark web forum, which poses serious risks for identity theft and phishing attacks. Companies like Condé Nast must take immediate action to investigate the claims and ensure the security of their systems to protect users. The incident serves as a reminder of the ongoing vulnerabilities that exist in the digital landscape and the need for robust security measures.

Read Original
Critical
Everest Ransomware Group Claims Theft of Over 1TB of Chrysler Data

Hackread – Cybersecurity News, Data Breaches, AI, and More

Actively Exploited

On December 25, the Everest ransomware group claimed to have stolen over 1 terabyte of data from Chrysler. This incident raises significant concerns about the security of sensitive information, as the attackers have threatened to release this data publicly if their demands are not met. Chrysler, part of the larger automotive industry, is now facing pressure to respond to the breach and protect its customers and business operations. Ransomware attacks like this not only disrupt companies but also put personal data at risk, affecting countless individuals. The situation is a stark reminder of the ongoing cyber threats facing major corporations, especially during times when security may be less prioritized, such as during holiday periods.

Read Original

Aflac has confirmed that a data breach in June affected the personal information of over 22 million customers. The company detected suspicious activity on some of its systems, which led to the discovery of the breach. While Aflac has not disclosed specific details on how the breach occurred, affected customers may be vulnerable to identity theft or fraud due to the exposure of their personal data. This incident raises concerns about data security practices and the potential risks for millions of individuals whose information is now at risk. Aflac has not yet provided information on the steps it will take to mitigate the impact of this breach.

Read Original

In 2025, small and medium-sized businesses (SMBs) faced a surge in cyberattacks that challenged assumptions about which sectors were at risk. Cybercriminals increasingly targeted these businesses, breaching networks to steal sensitive data and sell it on the dark web, leading to significant financial losses. As the tactics used by attackers evolve, businesses need to rethink their security strategies to protect themselves from these threats. The article outlines three key measures companies should adopt to safeguard their operations in 2026. This shift in focus to SMBs is crucial, as many may not have the resources to defend against sophisticated attacks, making them more vulnerable.

Read Original
Actively Exploited

A recent breach involving Red Hat’s self-managed GitLab has compromised the data of approximately 21,000 Nissan customers. The Japanese automaker confirmed that attackers accessed their GitLab instance, which is used by Red Hat Consulting. This incident raises significant concerns about data security, especially given the sensitive nature of the information that may have been stolen. Such breaches can lead to identity theft and further exploitation of affected individuals. Companies like Nissan must prioritize their cybersecurity measures to protect customer data and maintain trust.

Read Original
Actively Exploited

The Clop ransomware group has claimed responsibility for a significant data breach at the University of Phoenix, affecting approximately 3.5 million people. The breach reportedly exposed sensitive information, although the exact nature of the data compromised has not been detailed. This incident raises serious concerns about the security measures in place at educational institutions and the potential for misuse of the stolen data. Individuals affected by the breach may face risks such as identity theft or phishing attempts. As the investigation continues, it underscores the need for stronger cybersecurity protocols to protect personal information in higher education settings.

Read Original

Nissan has confirmed that the personal information of approximately 21,000 customers was compromised due to a data breach involving Red Hat's GitLab instances. Hackers gained unauthorized access to sensitive data, raising concerns about the security of customer information in the automotive industry. This incident emphasizes the ripple effects that breaches at major technology providers can have on their clients. The stolen data could potentially be used for identity theft or phishing attacks, putting affected customers at risk. Companies like Nissan must prioritize robust cybersecurity measures to protect customer data and maintain trust.

Read Original
PreviousPage 31 of 37Next