data breach
India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users
ICICI Bank, one of India’s top private banks, exposed the sensitive data of thousands of new credit cards to customers who were not their intended recipients. The Mumbai-based bank confirmed…
Featured Article
Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist
The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers.
Omni Hotels says customers’ personal data stolen in ransomware attack
A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.
Change Healthcare stolen patient data leaked by ransomware gang
This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.
Roku says 576,000 user accounts hacked after second security incident
Roku said it discovered malicious hackers compromised more than half a million user accounts while investigating an earlier spate of account hacks.
Founded in 1973, the Washington DC-based Heritage Foundation and supports and lobbies on conservative issues.
US government urges Sisense customers to reset credentials after hack
The U.S. cybersecurity agency said it was responding to a “recent compromise” at the data analytics giant, which provides business intelligence to critical infrastructure companies.
The legally required disclosure came a week after AT&T confirmed a cache containing millions of customers’ data that leaked online was genuine.
Targus’ parent company, B. Riley Financial, said it discovered “a threat actor gained unauthorized access to certain of Targus’ file systems.”
Hackers stole 340,000 Social Security numbers from government consulting firm
U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers. The data breach was disclosed on Friday on…
Indian government’s cloud spilled citizens’ personal data online for years
The Indian government has finally resolved a years-long cybersecurity issue that exposed reams of sensitive data about its citizens. A security researcher exclusively told TechCrunch he found at least hundreds…
Featured Article
AT&T resets account passcodes after millions of customer records leak online
A security researcher told TechCrunch that leaked AT&T customer data contained encrypted account passcodes that can be easily unscrambled.
The government’s reward for information now extends to ALPHV’s affiliates, which claimed responsibility for a massive weekslong healthcare cyberattack.
It’s the first time the United Kingdom has attributed the massive breach of millions of citizens’ voter data since the cyberattack was first disclosed in 2023.
Customers say their leaked AT&T customer data — names, addresses, phone numbers and Social Security numbers — is accurate.
Documentation startup Mintlify says dozens of customers had GitHub tokens exposed in a data breach at the start of the month and publicly disclosed last week. Mintlify helps developers create…
Featured Article
How to verify a data breach
Over the years, TechCrunch has extensively covered data breaches. In fact, some of our most-read stories have come from reporting on huge data breaches, such as revealing shoddy security practices at startups holding sensitive genetic information or disproving privacy claims by a popular messaging app. It’s not just our sensitive…
Featured Article
As the Change Healthcare outage drags on, fears grow that patient data could spill online
A cyberattack at U.S. health tech giant Change Healthcare has ground much of the U.S. healthcare system to a halt for the second week in a row. Hospitals have been unable to check insurance benefits of in-patient stays, handle the prior authorizations needed for patient procedures and surgeries or process…
UK utility giant Southern Water says hackers stole personal data of hundreds of thousands of customers
U.K.-based water utility Southern Water has confirmed that hackers stole the personal data of as many as 470,000 customers in a recent data breach. Southern Water, which provides water and…
Featured Article
Hackers uncover new TheTruthSpy stalkerware victims: Is your Android device compromised?
A consumer-grade spyware operation called TheTruthSpy poses an ongoing security and privacy risk to thousands of people whose Android devices are unknowingly compromised with its mobile surveillance apps, not least due to a simple security flaw that its operators never fixed. Now, two hacking groups have independently found the flaw…
‘World’s biggest casino’ app exposed customers’ personal data
The startup that develops the phone app for casino resort giant WinStar has secured an exposed database that was spilling customers’ private information to the open web. Oklahoma-based WinStar bills…
HopSkipDrive says personal data of 155,000 drivers stolen in data breach
Student rideshare startup HopSkipDrive has confirmed a data breach involving the personal data of more than 155,000 drivers. Los Angeles-based HopSkipDrive offers an Uber-style rideshare service for children and teenagers.…
FTC orders Blackbaud to overhaul ‘reckless’ security practices in wake of 2020 breach
Education tech company Blackbaud agreed to settle with the U.S. Federal Trade Commission over the company’s security practices that resulted in a 2020 data breach. The FTC alleges that Blackbaud,…
Europcar says someone likely used ChatGPT to promote a fake data breach
On Sunday, a user in a well-known hacking forum advertised what they claimed was a cache of stolen data from the rental car giant Europcar. The user claimed to have…
ICO confirms data breach probe as UK councils remain downed by cyberattack
Three local councils in the United Kingdom continue to experience disruption to their online services, a week after confirming a cyberattack had knocked some systems offline. The councils for Canterbury,…
How a mistakenly published password exposed Mercedes-Benz source code
Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm that…
In a data breach notification letter filed with regulators this weekend, 23andMe revealed that hackers started breaking into customers’ accounts in April 2023 and continued through most of September. In…
Hackers breached Microsoft to find out what Microsoft knows about them
Wouldn’t you want to know what tech giants know about you? That’s exactly what Russian government hackers want, too. On Friday, Microsoft disclosed that the hacking group it calls Midnight…
Vans, Supreme owner VF Corp says hackers stole 35 million customers’ personal data
VF Corp., the parent company of the popular apparel brands Vans, Supreme, and The North Face, said Thursday that hackers stole the personal data of 35.5 million customers in a…
Featured Article
As hacks worsen, SEC turns up the heat on CISOs
Over the past year we’ve seen Uber’s former chief security officer convicted in federal court for mishandling a data breach, a federal regulator charge SolarWinds’ security chief with allegedly misleading investors prior to its own cyberattack and new regulations that compel companies to publicly reveal materially impactful data breaches within…