Search Results for "PII"

Shine Aviation April 4, 2026 • [ data leak, employee credentials, employee records ] Anubis claimed on April 4, 2026 that it obtained 57 GB, or more than 68,000 files, from Geraldton-based Shine Aviation, including alleged employee credentials and records, access-card scans, operational documentation, and aircraft-related certificates; the claim was not independently verified.

Charter Communications, Inc. April 1, 2026 • [ vishing, data leak, employee records ] ShinyHunters claimed it breached Charter Communications on April 1, 2026 through a vishing attack that compromised an employee Microsoft Entra account and enabled access to Charter's Salesforce instance. BleepingComputer and Have I Been Pwned reported that the later published dataset exposed 4.9 million unique email addresses/accounts, along with names, phone numbers, and physical addresses; a subset of approximately 85,000 internal employee-directory records also included job titles. Public reporting did not confirm encryption, data destruction, or operational disruption.

Rituals April 1, 2026 • [ data breach, unauthorized access, PII ] Rituals confirmed that an unauthorized download of My Rituals membership data occurred in April 2026, affecting customers in Europe, the United Kingdom, and the United States. The downloaded data included names, dates of birth, gender, postal and email addresses, phone numbers, preferred store locations, and account types; Rituals did not disclose the exact number of affected members, and reporting stated that passwords and payment data were not accessed.

Ajax FC March 25, 2026 • [ data leak, unauthorized access, PII ] Ajax said a hacker unlawfully gained access to parts of its systems and viewed the email addresses of a few hundred people, as well as names, email addresses, and dates of birth for fewer than 20 people with stadium bans.

GFN.am March 20, 2026 • [ unauthorized access, data leak, PII ] GFN.am, NVIDIA's regional GeForce NOW alliance partner in Armenia, suffered unauthorized access to partner-operated infrastructure between March 20 and March 28, 2026. The breach affected Armenian GeForce NOW users registered before March 9 and exposed personal account information including names, email addresses, phone numbers, dates of birth, usernames, membership status, and two-factor authentication status. NVIDIA said its own infrastructure was not affected. A forum actor using the ShinyHunters name claimed the breach, but reporting indicates the real ShinyHunters group denied involvement, so the specific perpetrator remains unidentified.

Infinite Campus March 18, 2026 • [ unauthorized access, data leak, account compromise ] An unauthorized actor accessed an Infinite Campus employee's Salesforce account, exposing names and contact information for school staff; Infinite Campus said no student databases were accessed.

Crunchyroll March 12, 2026 • [ data breach, data leak, PII ] In March 2026, the anime streaming service Crunchyroll suffered a data breach alleged to have impacted 6.8M users. The exposed data is reported to have originated from the company's Zendesk support system where "name, login name, email address, IP address, general geographic location and the contents of the support tickets" were exposed. A subset of 1.2M email addresses from an alleged 2M record dataset being sold was later provided to HIBP.

Westfield Mall of the Netherlands March 9, 2026 • [ phishing, data leak, PII ] Westfield Mall of the Netherlands informed customers that unauthorized persons accessed a database containing information for newsletter subscribers and Westfield Club loyalty program members. Reported exposed fields include first and last name, email address, telephone number, postal code, and date of birth. The mall said no financial data was compromised because bank account numbers, credit card details, and passwords were not stored in the affected database. The mall warned of phishing risk, reported the incident to data protection authorities, and URW filed a complaint with competent authorities.

Baydöner March 8, 2026 • [ data breach, data leak, plaintext passwords ] In March 2026, the Turkish restaurant chain Baydner suffered a data breach which was subsequently published to a public hacking forum. The incident exposed over 1.2M unique email addresses along with names, phone numbers, cities of residence and plaintext passwords. A small number of records also included Turkish national ID number and date of birth. In their disclosure notice, Baydner stated that payment and financial data was not affected.

Orthopaedic Institute of Western Kentucky March 6, 2026 • [ data breach, third-party vendor, medical records ] Orthopaedic Institute of Western Kentucky disclosed a patient data breach tied to two separate security incidents at its third-party vendor Keystone Technologies. Reporting stated one incident occurred in April 2025 and another occurred between July and August 1, 2025, and that in both cases unauthorized parties accessed files containing patient information. The disclosure indicated the potentially exposed data could include medical records, Social Security numbers, and addresses. No threat actor attribution, precise access method, or affected-patient count was provided in the brief report.

Station Casinos LLC March 5, 2026 • [ unauthorized access, personal information, PII ] Station Casinos LLC identified unauthorized external access to its systems on March 5, 2026 and began notifying affected individuals in May 2026. Public filings confirmed names were exposed and warned that additional personal information may have been compromised, but the company had not publicly confirmed the total number of affected individuals.

Woflow March 4, 2026 • [ data breach, extortion, PII ] In March 2026, the AI-driven merchant data platform Woflow was named as a victim by the ShinyHunters data extortion group. The group subsequently published tens of thousands of files allegedly obtained from the company, comprising more than 2TB of data. The trove included hundreds of thousands of email addresses, names, phone numbers and physical addresses, with the data indicating it related to Woflow customers and, in turn, the customers of merchants using their platform.

AkzoNobel March 3, 2026 • [ ransomware, data leak, internal correspondence ] AkzoNobel confirmed a security incident at one of its U.S. sites after the Anubis ransomware group published a partial leak. AkzoNobel stated the incident was contained and limited to the affected site. The leak samples described in reporting included confidential client agreements, internal email correspondence, technical specification sheets, material testing documents, and contact data such as email addresses and phone numbers, as well as passport scans.

Blanchard Training and Development, Inc. March 3, 2026 • [ unauthorized access, PII, financial information ] Blanchard Training and Development, Inc. identified unusual activity in its network environment on March 4, 2026, and later determined that an unauthorized individual may have copied certain information between March 3 and March 4. DataBreach indexed 494,404 rows tied to Blanchard, including names, contact information, addresses, and bank account information.

Ameriprise March 2, 2026 • [ extortion, data leak, ShinyHunters ] In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure, and subsequently published the data after negotiations allegedly failed. The published data contained 500k unique email addresses as well as names, phone numbers, physical addresses and employer information. In their disclosure to state attorneys general, Ameriprise reported 47,876 affected people; the larger email address population represents contacts from Ameriprise's broader operational systems, including internal staff. Ameriprise further advised that they have "implemented heightened monitoring of your account(s) to include enhanced identity verification procedures".

Adelante Soluciones Financieras March 1, 2026 • [ data leak, unauthorized access, PII ] Addi identified unauthorized activity on its platform in March 2026 and advised customers that personal information may have been compromised. ShinyHunters later claimed responsibility and published a large trove of personal data allegedly obtained from Addi. DataBreach indexed 67,979,172 rows tied to the breach, while HIBP reported approximately 34 million exposed email addresses and credit-related data points. Public sources did not confirm encryption, data destruction, operational disruption, or a precise intrusion vector.

RXNT March 1, 2026 • [ data breach, healthcare, PII ] RXNT, the SaaS provider for the Office of the Attending Physician, experienced a breach on March132026 where attackers accessed the platform and copied patient prescription records, including names, addresses, dates of birth, and medication details.

KomikoAI February 25, 2026 • [ data breach, PII, AI prompts ] In February, the AI-powered comic generation platform KomikoAI suffered a data breach. The incident exposed 1M unique email addresses along with names, user posts and the AI prompts used to generate content. The exposed data enables the mapping of individual AI prompts to specific email addresses.

Local 100 chapter of the Transport Workers Union of America February 24, 2026 • [ ransomware, data leak, identity theft ] SC Media reported that Qilin claimed to have breached TWU Local 100 (NYC transit union) and published stolen data on its leak site, putting over 41,000 active transit workers and 26,000 retirees at risk of identity theft. The report notes Qilin did not specify how much data was taken, but highlighted that the union retains sensitive employee information such as contact details, salary information, job titles, medical and insurance benefits, and retirement/pension planning information. The report frames the incident as a ransomware groups breach claim with a presumed data-theft/extortion outcome.

Telecare Corporation February 19, 2026 • [ ransomware, data leak, healthcare ] Qilin claimed responsibility for an attack on Telecare Corporation on February 19, 2026 and threatened to release sensitive healthcare data unless negotiations began. DataBreach indexed 275,644 rows and listed exposed fields including Social Security numbers, dates of birth, email addresses, phone numbers, names, and street addresses. Public reporting did not confirm encryption, data destruction, attacker-caused operational disruption, or the exact intrusion vector.

Search Results (PII)