Data Breach News, Articles and Updates

Instagram users report hack, note recovery emails changed to .ru addresses

Some Instagram users found themselves logged out of their accounts and when they tried to reset their passwords they discovered that their recovery email addresses had been set to .ru accounts.

iOS update leaked Snapchat's source code; data leaked to GitHub

Snapchat's source code was leaked and posted on GitHub after a recent iOS update exposed a portion of the social media platform's source code.

MongoDB database exposes more than 2 million Mexican patients

A MongoDB database containing the health care information of more than 2 million patients in Mexico was left exposed revealing sensitive patient information.

Third-party misconfiguration exposes TCM Bank consumer data

A third-party website misconfiguration resulted in the exposure of sensitive data by credit card issuer TCM Bank leaked applicant data for 16 months.

'Security incident' at Reddit exposed user data to hackers

The attacker was able to access all data from 2007 and prior, including credentials and email addresses, as well as a database backup, which contained user data from 2005, when the site launched, through May 2007.

Insecure server holding U.K. fashion retailers' customer data breached by white hat

A server containing a database holding customer information pertaining to various U.K.-based online fashion retailers was discovered to be insecure after it was breached by a white-hat hacker on July 9.

Old school: Yale discloses breach from more than 10 years ago

Talk about excessive tardiness: Yale University yesterday disclosed that more than 10 years ago, an online intruder breached one of the Ivy League school's databases, which contained information on alumni, faculty and staff members.

LifeLock unsubscribe error unlocks customers' email address info

Symantec's ID theft prevention subsidiary LifeLock suffered from some embarrassing optics on Wednesday after it was reported that an error in its e-marketing unsubscribe process left the email addresses of its customers exposed to potential data theft and tampering.

Singapore securities investor database breached in 2013

The Securities Investors Association (Singapore) or Sias announced it suffered a breach back in 2013.

Southern Baptist Convention IMB suffers data breach

The Southern Baptist Convention's (SBC) International Mission Board suffered a data exposing the personally identifiable information on its current and former employees, volunteers and applicants.

Ransomware-based breach of Alaskan medical billing vendor impacts Fairbanks municipality

A data breach and corresponding ransomware attack at an Alaskan medical billing company that compromised the health information of roughly 44,600 people counteed a Fairbanks-based government municipality among its victims.

Hackers access personal data of 1.5 million SingHealth patients, including Singapore's prime minister

Singapore's largest health care group, SingHealth, acknowledged today that attackers infiltrated a company database and copied information belonging to roughly 1.5 million patients, including the country's prime minster, Lee Hsien Loong.

Stolen drone manuals and military documents offered for sale on dark web, says research group

A member of a dark web hacking forum reportedly attempted to sell documents stolen from U.S. military personnel, including files corresponding to the deadly drone known as the MQ-9 Reaper unmanned aerial vehicle (UAV).

Career and Technology Education Centers of Licking County acknowledge possible breach

Career and Technology Education Centers (C-TEC) of Licking County in Newark, Ohio suffered a possible data breach earlier this year that could have exposed individuals' names and Social Security numbers, according to local reports.

Third-party Ticketmaster breach targeted 800-plus e-commerce sites

Threat actors from the Magecart APT group gained access to the systems of InBenta Technologies, a firm that works with Ticketmaster, and were able to access customer payment information, according to researchers at RiskIQ.

NHS patients' data shared despite their objections, due to data processing error

Data that National Health Service patients in the UK specifically requested be kept private was inadvertently used in a clinical audit and research project due to a nearly three-year long data processing error, a UK government official reported yesterday.

Facebook makes additional API changes to secure user data

The company said it will be introducing new restrictions and changes regarding the Graph API Explorer App, Profile Expression Kit, Media Solutions APIs, Pages API, Marketing API, Lead Ads Retrieval and Live Video APIs.

Typeform breach exposes survey data collected for Tasmanian Electoral Commission, Fortnum & Mason, Monzo

A digital bank, a high-end goods merchant, and an Australian voting agency are among the first known casualties of a data breach affecting the third-party online survey provider Typeform.

Tread carefully: Adidas U.S. retail website breached

Several million online retail customers of German shoe and apparel manufacturer Adidas may have had their personal information compromised in a data breach involving an unauthorized third party.