VulnHub

Companies House, the British agency responsible for company registration in the UK, recently confirmed that a security flaw in its WebFiling service exposed sensitive business information since October 2025. The agency temporarily took the service offline on Friday to address the issue, which raised concerns about the privacy of companies' data. While they have since restored the service, the breach could have serious implications for businesses relying on the registry for compliance and reporting. Companies should review their security practices and remain vigilant about potential misuse of their exposed information. This incident underscores the need for robust security measures in public-facing services.

Companies House, the UK's official register of companies, recently addressed a significant flaw in its WebFiling service. This vulnerability allowed unauthorized users to not only view sensitive director details but also modify company records. The issue prompted Companies House to take the service offline temporarily while they worked on a fix. After resolving the flaw, the WebFiling service was restored, but the incident raises concerns about the security of sensitive corporate information. Users and companies relying on this service need to be aware of the potential risks associated with such vulnerabilities.

A recent glitch on the Companies House website in the UK has exposed sensitive personal and corporate information of millions of users, raising serious concerns about data security. The issue allowed unauthorized access to details that should have been protected, potentially enabling fraudsters to exploit this information. Companies House, which is responsible for maintaining the official register of companies in the UK, has acknowledged the problem and is working to rectify it. This incident is particularly alarming as it affects the privacy of business owners and the integrity of the corporate registration process. Users and businesses are advised to monitor their information and report any suspicious activity immediately.

A recent data breach at Starbucks has compromised the personal information of 889 employees. The incident raises concerns about the security measures in place to protect sensitive employee data. Breaches like this can lead to identity theft and other privacy violations, making it crucial for organizations to strengthen their cybersecurity protocols. Additionally, attackers are increasingly targeting corporate environments, indicating a need for heightened vigilance among companies. As the investigation continues, affected employees should remain alert for any suspicious activity related to their personal information.

ShinyHunters, a known hacking group, has claimed responsibility for stealing up to 1 petabyte of data from Telus Digital, a major telecom provider. The stolen data reportedly includes sensitive materials such as customer support recordings, proprietary code, and employee records. This incident raises significant concerns about data security and privacy, as the breach could expose personal information of millions of customers and potentially lead to identity theft or other malicious activities. Telus, which serves millions in Canada, must now assess the extent of the damage and take steps to secure its systems against future attacks. The scale of this breach serves as a stark reminder of the vulnerabilities that exist within large organizations and the potential ramifications of such data theft.

England Hockey is currently investigating a potential data breach after the AiLock ransomware group included them in a list of victims on their data leak site. The governing body for field hockey in England has not disclosed specific details regarding the type of data that may have been compromised or how the breach occurred. This incident raises concerns about the security of sensitive information and the increasing targeting of sports organizations by cybercriminals. As investigations continue, England Hockey is likely assessing the extent of the breach and implementing measures to protect its data and ensure the safety of its community. This situation serves as a reminder for organizations of all sizes to remain vigilant against ransomware threats.

Police Scotland has been fined by the Information Commissioner's Office (ICO) for a serious data breach involving a victim's phone data. The police force mistakenly shared the entire contents of a victim's phone with her alleged attacker, compromising her privacy and safety. This incident raises significant concerns about how law enforcement handles sensitive information, particularly in cases involving victims of crime. The ICO emphasized the need for organizations to prioritize data protection and ensure that such breaches do not occur in the future. The fine serves as a reminder for all institutions to be vigilant in their data handling practices to protect individuals' rights and safety.

Bell Ambulance has reported a significant data breach that occurred in February 2025, affecting approximately 238,000 individuals. The breach exposed sensitive personal information, including financial and health data. Bell Ambulance, which provides emergency medical services across the U.S., now faces scrutiny over how the breach happened and how it will impact those affected. This incident raises concerns about the protection of personal information within healthcare services, particularly as breaches in this sector can lead to identity theft and other fraudulent activities. Individuals whose data was compromised should remain vigilant and consider monitoring their financial accounts for any suspicious activity.

Recent data from Check Point reveals that cyber-attacks on UK firms are escalating at a rate four times faster than the global average. This surge in attacks raises significant concerns for businesses operating in the UK, as they face increased risks and potential disruptions. The findings suggest that UK companies must enhance their cybersecurity measures to protect sensitive data and maintain operational integrity. The alarming trend may also indicate a shift in the focus of cybercriminals towards UK-based targets, making it crucial for organizations to stay vigilant and informed about emerging threats. As the landscape evolves, understanding these patterns can help firms better prepare for future challenges.

Ericsson has reported a data breach that has potentially compromised the personal information of about 15,000 employees and customers. The breach occurred due to a security vulnerability in a third-party service provider, which allowed unauthorized access to sensitive data. As a result, affected individuals might face risks such as identity theft or fraud. This incident raises concerns about the security measures companies have in place for their third-party vendors and the importance of rigorous vetting processes. Companies and users alike should be vigilant in monitoring their accounts for any suspicious activity following this breach.