Articles tagged "Data Breach"

Found 545 articles

Actively Exploited

A recent analysis has revealed that a majority of REDCap servers accessible via the internet are outdated and vulnerable. These servers, which are widely used in research and healthcare for data collection, are currently being targeted by a hacking group linked to China, known as UNC6508. Researchers found that these attackers use these vulnerabilities for initial access and to deploy backdoors, making it easier for them to exploit the systems further. The situation raises serious concerns for organizations relying on REDCap for sensitive data management, as outdated servers can lead to data breaches and compromise patient confidentiality. It's crucial for administrators to update their systems to defend against these ongoing attacks.

Read Original

A massive database containing around 24 billion credentials has been discovered exposed online, amounting to about 8 terabytes of data. This database was gathered from 36 different sources, which include Telegram channels and previous data breaches, as well as data extracted from live servers. The sheer volume of exposed credentials raises significant concerns for individuals and organizations, as this information can be used for identity theft, phishing attacks, and unauthorized access to accounts. Users who may have been affected should take immediate steps to secure their accounts, such as changing passwords and enabling two-factor authentication. This incident underscores the ongoing risks associated with data breaches and the importance of safeguarding personal information.

Read Original
Actively Exploited

iRhythm Holdings, a medical technology company, reported a cyberattack that occurred on June 8, 2026. The breach involved third-party-hosted business applications and led to the theft of sensitive patient health information, proprietary data, and personal data. Following the discovery of unauthorized activity, iRhythm initiated an investigation with external cybersecurity experts. The situation escalated when a threat actor claimed to possess the stolen data and demanded a ransom. This incident comes shortly after a similar breach affecting Novo Nordisk, raising concerns about the security of healthcare data and the potential risks to patient privacy.

Read Original
Actively Exploited

The education technology sector is currently facing a surge in cyberattacks, with groups like ShinyHunters and FulcrumSec specifically targeting schools and educational platforms. These attacks have resulted in the exposure of sensitive data and disruptions to essential services. Researchers from Resecurity have noted that the EdTech industry has become a prime target for cybercriminals, indicating a worrying trend that could threaten the privacy and security of students and staff alike. This uptick in incidents raises significant concerns about the safety of digital learning environments, as many institutions may lack the necessary defenses against such attacks. As cyber threats continue to grow, it is crucial for educational organizations to bolster their cybersecurity measures to protect against potential breaches.

Read Original

FulcrumSec has leaked a massive amount of data, reportedly 1.3TB, stolen from Danish pharmaceutical company Novo Nordisk. The breach includes sensitive clinical records and research on artificial intelligence. This incident began on June 15, 2026, after Novo Nordisk refused to pay a ransom of $25 million demanded by the attackers. The leaked data could have serious implications for patient privacy and the integrity of ongoing clinical research, particularly given Novo Nordisk's role in producing widely used medications like Ozempic and Wegovy. This incident raises concerns about the security of healthcare data and the potential consequences of ransomware attacks on critical industries.

Read Original

iRhythm Technologies, a U.S.-based company focused on remote cardiac monitoring, has reported a cyberattack that led to the theft of sensitive patient and proprietary data. The attack was linked to vulnerabilities in third-party applications used by the company. Following the breach, the attackers demanded a ransom. This incident raises significant concerns about the security of healthcare data, particularly as cybercriminals increasingly target medical organizations for sensitive information. Patients whose data may have been compromised could face risks related to privacy and identity theft, making it crucial for companies like iRhythm to enhance their cybersecurity measures.

Read Original

iRhythm, a digital health company, confirmed that it experienced a data breach after discovering the incident on June 8. The attackers demanded a ransom, indicating that sensitive information may have been accessed or stolen. While the company has not detailed the specific data affected, this incident raises concerns about the security of health-related data and the potential risks to patients and customers. Cyberattacks like this can undermine trust in digital health solutions and expose individuals to identity theft or privacy violations. Companies in the healthcare sector need to strengthen their cybersecurity measures to protect sensitive information from similar threats.

Read Original

iRhythm Holdings, a digital healthcare company, recently reported a data breach involving the theft of personal and health information of patients. The breach occurred through third-party-hosted business applications, raising concerns about data security in healthcare environments. Affected individuals may have had their sensitive information compromised, which could lead to identity theft or other privacy violations. This incident emphasizes the need for healthcare providers to strengthen their data protection measures, especially when relying on external services to manage patient information. As healthcare continues to digitize, incidents like this highlight the vulnerabilities that come with storing sensitive data online.

Read Original

Maine's Attorney General's Office has temporarily shut down its breach reporting portal after discovering that some entries were fraudulent. This decision comes in response to fake reports that could undermine the integrity of the system designed to track data breaches. The portal was intended to help individuals and businesses report incidents of data loss or exposure, ensuring they receive proper guidance. By suspending the portal, officials aim to address the issue and restore public confidence in the reporting process. This situation highlights the challenges of maintaining secure and reliable reporting mechanisms in the face of potential misuse.

Read Original
Actively Exploited

A significant vulnerability in Oracle's ERP software has been exploited by hackers, particularly impacting American universities. The group known as ShinyHunters took advantage of this flaw to steal large amounts of sensitive data from these institutions. This incident raises concerns about the security of educational data, as universities often hold a wealth of personal and financial information about students and staff. The exploitation of this zero-day vulnerability emphasizes the need for organizations to regularly update their software and implement strong security measures to protect against such attacks. As this situation unfolds, affected universities must respond quickly to mitigate the damage and secure their systems.

Read Original

Charter Communications is facing a significant data breach that may affect nearly 5 million individuals. The ShinyHunters group, known for its extortion tactics, leaked over 42 million records purportedly taken from Charter in April. This incident raises serious concerns about the security of personal information for those connected with the company. The leaked data could potentially include sensitive information, putting affected users at risk of identity theft and fraud. Companies must prioritize data protection measures to prevent such breaches and safeguard customer data.

Read Original

California's Attorney General Rob Bonta has filed a lawsuit against 23andMe, the genetic testing company, alleging that it failed to adequately protect user data following a breach earlier this year. The lawsuit comes after the company, now operating under the name Chrome Holding Co. due to bankruptcy proceedings, reportedly exposed sensitive information of its users. This breach raises significant concerns about data privacy and the responsibilities of companies handling personal information. If the allegations are proven, it could lead to stricter regulations and greater scrutiny of how personal data is managed in the biotech industry. Users who trusted 23andMe with their genetic information are particularly affected, as their sensitive data may have been compromised.

Read Original

A man from North Carolina has been sentenced to over 10 years in prison for selling the personal data of more than 7 million elderly Americans to scammers based in Jamaica. The man, whose actions have raised concerns about privacy and security, provided sensitive information like names, addresses, and Social Security numbers. This breach not only puts the affected individuals at risk of identity theft but also highlights the ongoing issue of data exploitation in the digital age. Law enforcement officials emphasize the need for stronger protections for vulnerable populations, particularly the elderly, who are often prime targets for scams. The case serves as a reminder of the importance of safeguarding personal information and the severe consequences for those who exploit it.

Read Original

Charter Communications fell victim to a data breach that compromised the personal information of approximately 4.9 million accounts. The hacking group ShinyHunters is behind the attack, which occurred in early April. This breach has raised concerns about the security of user data, as sensitive information may have been exposed. Users of Charter Communications should be vigilant for potential phishing attempts or identity theft as a result of this incident. It serves as a reminder for both consumers and companies to prioritize data security measures to protect against such breaches in the future.

Read Original

Carnival Corporation has confirmed a significant data breach that has impacted nearly 6 million individuals. The breach was linked to the ShinyHunters extortion gang, which claimed responsibility for the incident back in April 2026. The compromised data may include sensitive information, though specific details about what was leaked have not been disclosed. This incident raises concerns about the security of personal information within the cruise industry and the potential for identity theft among affected individuals. Carnival has stated that they are investigating the breach and will take necessary steps to enhance their cybersecurity measures moving forward.

Read Original
PreviousPage 5 of 37Next