HanseMerkur
January 24, 2026
•[ data leak, ransomware, financial documents ]
DragonForce claimed it stole 97 GB of internal data from German insurer HanseMerkur and released sample financial documents; the company had not confirmed the breach at the time of reporting.
CarMax
January 24, 2026
•[ data breach, extortion, data leak ]
In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses.
Waltio
January 24, 2026
•[ data leak, extortion, cryptocurrency ]
French crypto tax platform Waltio reported being targeted by the ShinyHunters group, which claimed to possess personal data for nearly 50,000 users and threatened to leak users' 2024 tax reports unless a ransom was paid. Waltio stated that its services and production systems remained secure and that no sensitive banking credentials or crypto access data was compromised. The incident primarily involves alleged data theft and extortion threats rather than service disruption, with the full scope of stolen fields not detailed in the summary.
Crunchbase
January 23, 2026
•[ vishing, social engineering, credential theft ]
Reporting on an Okta SSO vishing (voice-phishing) campaign, ShinyHunters reportedly confirmed to a researcher that it conducted the campaign and launched a new dark web leak site. According to the report, ShinyHunters claimed that multiple victims had their data posted after refusing extortion demands, naming Crunchbase, SoundCloud, and Betterment as initial examples. The incident reflects social-engineering-driven credential theft leading to unauthorized access and data theft, followed by extortion and publication of alleged victim data.
Nike
January 22, 2026
•[ ransomware, data leak, exfiltration ]
A ransomware group calling itself WorldLeaks (reported as a rebrand of Hunters International) claimed it breached Nike and began leaking data online. The group's leak-site posting dated January 22, 2026 alleged exfiltration of more than 1.4TB of files. A review of the leaked directory names suggested the exposed material primarily relates to product development and manufacturing operations, including design specifications and supplier-related operational documents, along with internal presentations and collaboration materials. Nike stated it was investigating the claims.
Viafier
January 22, 2026
•[ malware, data leak, unauthorized access ]
The Swiss rail operator Viafier Retica shut down its Vereina car-shuttle online ticket shop after discovering malware on the system. The organization stated that attackers likely accessed the web shop database, which may contain customer and employee contact details and hashed passwords. Users were advised to change passwords used on other services. The incident caused service disruption to online ticket sales while containment and investigation actions were undertaken.
Sociedad Hipotecaria Federal
January 21, 2026
•[ ransomware, data leak, encryption ]
Sociedad Hipotecaria Federal was listed by LockBit, which claimed to have stolen 277 GB of data and published it after a ransom deadline expired; reporting also cited encryption of critical systems and operational disruption.
McDonald's India
January 20, 2026
•[ ransomware, data leak, data exfiltration ]
HackRead reported that on January 20, 2026 the Everest ransomware group claimed it breached McDonald's India and exfiltrated 861 GB of customer data and internal documents. The report described screenshots purportedly showing internal financial reports (2023-2026), audit trails, cost tracking, ERP migration files, pricing data, and other internal communications, as well as a Contact Database spreadsheet with investor/business-partner contact details and store-level manager contact information. Everest reportedly issued a short deadline and threatened to leak data; the article noted the claim was unverified at the time.
Hyatt
January 19, 2026
•[ ransomware, data leak, double-extortion ]
A ransomware group calling itself NightSpire publicly claimed on January 19, 2026 that it attacked Hyatt and exfiltrated 48.5GB of data originating from the Hyatt Place Chelsea New York hotel. The actors published samples that appeared to include internal company documents such as invoices, expense reports containing employee names, contact information, signatures, and partner company data, and researchers noted the sample list suggested possible exposure of employee credentials for internal tools (raising risk of further compromise). The posting indicated a free download link, consistent with double-extortion tactics where stolen data is leaked if negotiations fail. At the time of reporting, Hyatt had not publicly confirmed the breach and the claims remained unverified by the company.
French national bank accounts database (FICOBA) / Ministry of Economy and Finance
January 18, 2026
•[ data leak, stolen credentials, unauthorized access ]
France's Ministry of Economy and Finance stated that part of the national database listing bank accounts in France was illegally accessed, exposing information linked to about 1.2 million accounts. The ministry said that starting in late January 2026, a malicious actor used stolen credentials belonging to an official to access part of the database. The exposed data includes bank details (RIB/IBAN), identity and address of the account holder, and in some cases a tax identification number. Authorities said they restricted access, stopped the intrusion, and notified banks to warn customers to be vigilant.
Zealthy
January 16, 2026
•[ data leak, health information, personal information ]
Records advertised as Zealthy data were offered for sale online in January 2026, with sample files showing patient personal and health information; Zealthy had not publicly confirmed the incident in the reporting reviewed.
Daniel L Kaler DDS PC
January 15, 2026
•[ data leak, unauthorized access, medical information ]
Attackers gained unauthorized access to systems at a Dakota Dunes dental practice and exfiltrated patient records from its databases. The breach exposed personal, medical, and financial information belonging to approximately 27000 individuals.
MediCopy Services, Inc.
January 13, 2026
•[ unauthorized access, data leak, healthcare ]
An unauthorized actor accessed MediCopy Services' cloud-based file-sharing platform on January 13, 2026, and downloaded files related to release-of-information requests for certain Deaconess patients, including patients of Deaconess Henderson Hospital, Deaconess Union County Hospital, and surrounding clinics. Deaconess stated that its own IT systems and electronic medical record system were not impacted.
Armenian Government
January 13, 2026
•[ Data Leak, Cybercrime, Alleged Breach ]
Reporting stated that a forum user using the alias dk0m offered for sale what was described as a large dataset of Armenian government-related data, allegedly obtained by accessing a government notification system used to distribute official communications (legal and administrative notices). The seller advertised the dataset for $2,500 and claimed it contained about 8 million records related to official notifications, including communications involving police and judicial bodies. Armenian officials opened an investigation, while a government-linked communications body publicly denied that government email infrastructure was breached and suggested any access may have involved another state platform. Because the incident is described as an allegation under investigation without independent confirmation of access or data theft, it is recorded as an alleged event rather than a confirmed cyberattack.
ICE List site
January 13, 2026
•[ denial-of-service attack, data leak, personal information ]
A website known as ICE List, operated by Netherlands-based immigration activist Dominick Skinner and described as dedicated to leaking personal information about U.S. immigration and border personnel, went offline following a denial-of-service attack on the evening of January 13, 2026. Reporting said the outage occurred shortly after media coverage that Skinner planned to publish additional personal data allegedly obtained from a whistleblower. Skinner stated it was only possible to speculate on who directed the attack but claimed a large amount of traffic appeared to come from Russia, consistent with bot traffic intended to overwhelm the site and disrupt access.
At least one organization in Mexico
January 12, 2026
•[ data leak, leak portals, cybercrime ]
During 2025, the data of 74 Mexican organizations was exposed on leak portals used by criminal groups, a figure that doubles the 37 cases registered in 2024.
Target
January 12, 2026
•[ data leak, source code theft, internal documentation ]
BleepingComputer reported that multiple current and former Target employees confirmed that source code and documentation posted online by a threat actor match real internal systems. Employees cited internal system names, platform references, and CI/CD tooling elements in the leaked sample that aligned with Target's development environment, and an internal communication referenced an accelerated security change restricting access to Target's Enterprise Git server shortly after the outlet contacted the company. The incident as described involves alleged theft and publication of internal repositories and development documentation rather than an outage or consumer-facing service disruption.
Medical Practice of Dr. Richard Swift
January 12, 2026
•[ malware, cyberattack, data leak ]
DataBreaches reported on a class action lawsuit alleging that a Manhattan plastic surgery practice run by Dr. Richard Swift was compromised by a malware-related cyberattack in 2025 and that sensitive patient information was posted online. The suit alleged that a site hosted outside the U.S. displayed personal identifiers and medical record details for at least 22 patients, and that affected patients only learned about the breach after attackers contacted them directly. DataBreaches noted the same threat actors were linked to attacks on other plastic surgery practices and described a recurring pattern where attackers approached patients with demands in exchange for removing posted information. Public reporting did not confirm whether the practice paid, and the article noted the leak site later appeared offline.
Congressional Staff email platform
January 11, 2026
•[ cyber intrusion, state-backed hacking, email compromise ]
TechStory reported that a cyber intrusion linked to the China-associated group known as Salt Typhoon compromised email systems used by staff supporting multiple powerful U.S. House committees (including foreign affairs, intelligence, and defense-related panels). The report said the intrusions were detected in December 2025, but investigators were still determining how long access persisted, what data was viewed or extracted, and whether any lawmakers' personal accounts were affected. U.S. agencies and House offices were described as offering limited public comment while investigations continued, and China was reported as denying allegations of state-backed hacking.
Nissan Motor Corporation (Nissan Motor Co., Ltd.)
January 10, 2026
•[ ransomware, data leak, extortion ]
HackRead reported that the Everest ransomware group claimed it breached Nissan Motor Corporation and stole about 900GB of internal data. The article said the group posted the allegation on its leak site on January 10, 2026 and shared screenshots and directory listings suggesting access to internal operational documents, data extracts, and dealership-related records. Everest reportedly threatened to publish the data if Nissan did not respond within a set timeframe. Nissan had not publicly confirmed the claim at the time of reporting.