Search Results for "Data Leak"

Odido February 12, 2026 • [ data breach, extortion, data leak ] In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique email addresses were published, followed by further releases exposing an additional 371k and then 833k unique email addresses, with the latter also including passport, drivers licence and European national ID numbers. The exposed data includes names, physical addresses, phone numbers, bank account numbers and customer service notes. Odido has published a disclosure notice advising that impacted data may also include dates of birth and government-issued identity document numbers.

Figure February 12, 2026 • [ social engineering, data leak, extortion ] Figure Technology Solutions confirmed it suffered a data breach after an employee fell victim to a social engineering attack, with attackers obtaining a limited number of files. SecurityWeek reported that the ShinyHunters group took credit and posted archive files on its leak site; Have I Been Pwned analysis identified roughly 967,000 user records in the leaked data. The exposed information includes names, dates of birth, email addresses, postal addresses, and phone numbers. The reporting frames the incident as data theft/extortion without describing service disruption to Figures lending operations.

Optimizely February 11, 2026 • [ voice-phishing, social engineering, data leak ] Attackers associated with the ShinyHunters cybercriminal group used a voice-phishing social engineering attack to gain access to Optimizelys internal systems and CRM environment. Approximately 10,000 client organizations were affected, with exposed data including business contact information such as names, email addresses, and phone numbers.

WormGPT February 10, 2026 • [ data leak, AI hacking platform, user emails ] Cybernews reported that user details for the AI hacking platform WormGPT appeared on a data leak forum. The poster claimed they obtained the data earlier in February 2026 and that about 19,000 WormGPT users were affected. The leaked dataset was described as including user emails, payment data, subscription information, user IDs, and other account details. The reporting indicated the forum post included a sample and that the authors credibility and the sample supported the breach claim; WormGPTs operators did not confirm the incident in the article.

Ersten Group February 9, 2026 • [ stalkerware, data leak, scraping ] A hacktivist scraped more than half-a-million payment records from a provider of consumer-grade stalkerware phone surveillance apps, exposing customer email addresses and partial payment information. The records include payments for phone-tracking services like Geofinder and uMobix and social-media monitoring services like Peekviewer, and the dataset also includes transaction records from Xnspy. The incident is a data exposure affecting customers who paid for surveillance services, not necessarily the surveilled victims.

Air Cote d'Ivoire February 8, 2026 • [ cyberattack, data leak, sensitive files ] Air Cte d'Ivoire confirmed that a cyberattack on February 8, 2026 affected parts of its information system and involved the illegal extraction of sensitive files, prompting business continuity measures and technical support for flights and other operations.

Odido February 7, 2026 • [ data leak, unauthorized access, customer data theft ] Odido confirmed that hackers gained unauthorized access to its customer contact system and covertly downloaded large volumes of customer information. Odido said more than 6.2 million customers were affected. The compromised data includes names, phone numbers, postal and email addresses, dates of birth, IBAN bank account numbers, and government-issued ID details such as passport or drivers license numbers and validity dates. The report did not attribute the incident to a specific threat group and did not describe operational disruption beyond the data compromise.

Toy Battles February 6, 2026 • [ data leak, gaming, PII ] In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.

La Comisiï¿½n Nacional de Seguros y Fianzas (CNSF) February 6, 2026 • [ data leak, security incident, PII ] In the case of the National Insurance and Bonding Commission (CNSF) , the regulator reported that on January 30th it registered an information security incident that exposed intermediary identification documents containing data such as name, CURP (Unique Population Registry Code), RFC (Federal Taxpayer Registry), and photograph.

Flickr (via an undisclosed third-party provider) February 5, 2026 • [ data leak, third-party risk, phishing ] Flickr notified users of a potential data breach after a vulnerability in a system operated by one of its third-party email service providers may have allowed unauthorized access to member information. Flickr said it was alerted on February 5, 2026 and shut down access to the affected system within hours. The company stated that passwords and payment card numbers were not compromised. Exposed data may include real names, email addresses, usernames, account type, IP address, general location, and platform activity; Flickr urged vigilance for phishing and recommended changing passwords on other services if reused.

Spain's Ministry of Science (Ministerio de Ciencia) February 5, 2026 • [ cyberattack, data leak, IDOR vulnerability ] Spains Ministry of Science partially shut down IT systems and suspended ongoing administrative procedures following what it called a technical incident, later reported by Spanish media as related to a cyberattack. A threat actor using the alias GordonFreeman claimed responsibility, posted samples, and offered allegedly stolen ministry data for sale. The attacker claimed an IDOR vulnerability enabled credential access and full admin-level access, but BleepingComputer noted it could not independently confirm all claims. The confirmed impact is significant service disruption for citizen/company-facing procedures, with credible indications of data compromise based on posted samples.

HubEE February 4, 2026 • [ security vulnerability, data leak, unauthorized access ] It wasn't the Service-public.gouv.fr portal itself that was directly hacked, but a key component of its infrastructure: HubEE, the platform responsible for transmitting supporting documents between users and government agencies. For several days, attackers exploited a security vulnerability, navigating the system undetected.

Choisir le Service Public (French civil service recruitment platform) February 4, 2026 • [ data leak, personal data theft, phishing risk ] Frances official civil-service recruitment platform Choisir le Service Public disclosed a security incident that resulted in the theft of personal data for 377,418 registered candidates. The stolen dataset includes standard identifiers (name, address, phone, date of birth, email) and more detailed professional/education profile fields that can enable highly targeted phishing and fraud. The platform stated passwords were not compromised and CVs/attachments were not taken. In response, some features (candidate space access and direct-application functionality) were temporarily disabled for several days, authorities were notified, and a complaint was planned.

Iron Mountain February 3, 2026 • [ unauthorized access, extortion, compromised credentials ] Iron Mountain said a breach claim by the Everest extortion gang was limited to access to a single folder on a file-sharing server that primarily contained marketing materials. The company stated that a single compromised login credential was used, the credential was deactivated, and there was no ransomware or malware involvement beyond the unauthorized access. Iron Mountain also said no other systems were breached and that no customer confidential or sensitive information was involved.

NationStates February 3, 2026 • [ vulnerability, remote code execution, data leak ] NationStates confirmed a data breach after taking its website offline to investigate a security incident. The operator stated that on January 27, 2026 a player reported a critical vulnerability, then exceeded authorized boundaries and obtained remote code execution on the main production server, allowing them to copy application code and user data. NationStates indicated the only way to restore confidence was to rebuild the server and determine what was accessed or copied, leading to site instability and downtime during response. The incident combines confirmed unauthorized access/data copying with operational disruption from the shutdown/rebuild.

Poly February 2, 2026 • [ ransomware, data leak, source code ] HackRead reported that the Everest ransomware group claimed it stole about 90GB of internal data from systems linked to Polycom (a legacy enterprise communications brand now under HP Inc., branded as Poly). Everest said the dataset included an internal database and documentation and threatened publication after a nine-day countdown. Screenshots posted by the group appeared to show engineering build directories, source code trees, debug/log files, and technical documentation for Polycom conferencing platforms (including RMX and RealPresence), with filenames referencing dates from 20172019. The report stated there was no indication that HPs current production systems or customer services were impacted and the screenshots did not show customer personal data.

Onze-Lieve-Vrouwinstituut Pulhof February 2, 2026 • [ ransomware, encryption, extortion ] Belgian media reported that OLV Pulhof in Berchem was hacked and its servers were encrypted, consistent with a ransomware incident. The attackers demanded payment and reportedly threatened to publish personal data of students and staff if the ransom was not paid. In a follow-up, school leadership said they had no information that data had actually been leaked at that time and that they were closely monitoring the situation with responders. The incident primarily produced disruption through system encryption and extortion pressure; confirmed data exposure was not established in the referenced update.

Westport Public Schools email account February 2, 2026 • [ phishing, email hijacking, data leak ] Student-submitted personal info via linked Google Form: name, email address, home address, date of birth, grade level, and bank name","Westport Public Schools reported that a district staff email account (identified as a Spanish teachers account) was hijacked on a Friday afternoon and then used to send a phishing email to students in grades K12 with the subject line Employment Program For Westport Public Schools. The message advertised a work-from-home employment program connected to Feed the Children and included a linked Google Form encouraging students to apply. Because the email originated from an internal staff account, it bypassed normal email restrictions and reached student inboxes across the district, including Staples High School. District officials said the technology department removed all copies of the email from the school system and began identifying students who clicked the link and may have submitted personal information; families of students who filled out the form were contacted directly and advised to monitor accounts for fraud. Officials stated no district systems were breached beyond the single compromised email account and that student school-issued accounts remained secure.

Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) and the Council for Justice February 1, 2026 • [ vulnerability, data leak, employee personal information ] Dutch media reporting summarized by DataBreaches stated that a vulnerability in Ivanti Endpoint Manager Mobile (EPMM), used by government agencies, allowed unauthorized third parties to access employee personal information at multiple Dutch agencies, including the Dutch Data Protection Authority and the Council for Justice. The exposed information was described as employee names, email addresses, and phone numbers; the number of affected employees was still under investigation at the time of reporting.

Olympique de Marseille February 1, 2026 • [ cyberattack, data leak, data breach ] Olympique de Marseille confirmed a cyberattack after a threat actor claimed to have breached club systems earlier in February and leaked samples of staff and supporter data online.

Search Results (Data Leak)