Grand Hotel Taipei
February 21, 2026
•[ cyberattack, data leak, unauthorized access ]
Grand Hotel Taipei reported a cyberattack on its systems and warned that guest reservation information may have been accessed. The potentially exposed data includes guest names and contact details, though the number of affected individuals has not been disclosed.
Advantest Corporation
February 19, 2026
•[ ransomware, unauthorized access, incident response ]
Advantest disclosed it detected unusual activity in its IT environment on February 15, 2026 (JST) and activated incident response, isolating affected systems and engaging external cybersecurity experts. Preliminary findings indicated an unauthorized third party may have accessed parts of the companys network and deployed ransomware. Advantest stated the investigation was ongoing and it had not yet confirmed whether customer or employee data was affected; it said it would notify impacted persons if data exposure is confirmed. The public reporting focused on containment and restoration actions and did not describe prolonged manufacturing shutdowns or downstream customer impacts.
youX
February 15, 2026
•[ unauthorized access, data leak, exfiltration ]
youX (Australian finance technology platform) confirmed unauthorized access by a third party after a threat actor released data it claimed to have obtained during the incident. Public reporting said youX had flagged an IT security incident about a week earlier and that personal information may have been compromised. External threat reporting associated the incident with a large-scale exfiltration claim (hundreds of gigabytes) affecting borrowers and broker organizations, consistent with data-theft extortion behavior. The companys public statements centered on incident response actions, engagement with external experts, and regulatory notification while it worked to determine the precise scope and which individuals and organizations were impacted.
UFP Technologies
February 14, 2026
•[ unauthorized access, data theft, operational disruption ]
UFP Technologies disclosed that threat actors gained unauthorized access to its IT systems around February 14, 2026, disrupting billing and delivery label generation and resulting in the theft or destruction of company or company-related data.
Washington Hotel chain (Fujita Kanko)
February 13, 2026
•[ ransomware, unauthorized access, point-of-sale system issues ]
A ransomware incident impacted the Washington Hotel chain in Japan, with Fujita Kanko reporting that unauthorized access to some servers was detected on February 13, 2026. The company said it took protective measures to cut off attacker access, formed an internal task force, and engaged police and outside cybersecurity experts. The company confirmed unauthorized access to business data on servers, while stating customer information tied to the external Washington Net system was believed unaffected at the time. Some hotels experienced point-of-sale system issues, but the company reported no major business disruption overall.
Odido
February 7, 2026
•[ data leak, unauthorized access, customer data theft ]
Odido confirmed that hackers gained unauthorized access to its customer contact system and covertly downloaded large volumes of customer information. Odido said more than 6.2 million customers were affected. The compromised data includes names, phone numbers, postal and email addresses, dates of birth, IBAN bank account numbers, and government-issued ID details such as passport or drivers license numbers and validity dates. The report did not attribute the incident to a specific threat group and did not describe operational disruption beyond the data compromise.
Flickr (via an undisclosed third-party provider)
February 5, 2026
•[ data leak, third-party risk, phishing ]
Flickr notified users of a potential data breach after a vulnerability in a system operated by one of its third-party email service providers may have allowed unauthorized access to member information. Flickr said it was alerted on February 5, 2026 and shut down access to the affected system within hours. The company stated that passwords and payment card numbers were not compromised. Exposed data may include real names, email addresses, usernames, account type, IP address, general location, and platform activity; Flickr urged vigilance for phishing and recommended changing passwords on other services if reused.
Spain's Ministry of Science (Ministerio de Ciencia)
February 5, 2026
•[ cyberattack, data leak, IDOR vulnerability ]
Spains Ministry of Science partially shut down IT systems and suspended ongoing administrative procedures following what it called a technical incident, later reported by Spanish media as related to a cyberattack. A threat actor using the alias GordonFreeman claimed responsibility, posted samples, and offered allegedly stolen ministry data for sale. The attacker claimed an IDOR vulnerability enabled credential access and full admin-level access, but BleepingComputer noted it could not independently confirm all claims. The confirmed impact is significant service disruption for citizen/company-facing procedures, with credible indications of data compromise based on posted samples.
Rinku Singh's Facebook account
February 5, 2026
•[ account takeover, hacking, social media breach ]
Indian media reported that cricketer Rinku Singhs Facebook account was hacked, with police stating the cybercrime unit was investigating. The report indicated it was not yet known whether the compromise resulted in financial fraud or other misuse beyond unauthorized access/control of the account. The confirmed effect is account compromise and loss of control of a social media profile; additional impacts were not established in the reporting.
HubEE
February 4, 2026
•[ security vulnerability, data leak, unauthorized access ]
It wasn't the Service-public.gouv.fr portal itself that was directly hacked, but a key component of its infrastructure: HubEE, the platform responsible for transmitting supporting documents between users and government agencies. For several days, attackers exploited a security vulnerability, navigating the system undetected.
Iron Mountain
February 3, 2026
•[ unauthorized access, extortion, compromised credentials ]
Iron Mountain said a breach claim by the Everest extortion gang was limited to access to a single folder on a file-sharing server that primarily contained marketing materials. The company stated that a single compromised login credential was used, the credential was deactivated, and there was no ransomware or malware involvement beyond the unauthorized access. Iron Mountain also said no other systems were breached and that no customer confidential or sensitive information was involved.
NationStates
February 3, 2026
•[ vulnerability, remote code execution, data leak ]
NationStates confirmed a data breach after taking its website offline to investigate a security incident. The operator stated that on January 27, 2026 a player reported a critical vulnerability, then exceeded authorized boundaries and obtained remote code execution on the main production server, allowing them to copy application code and user data. NationStates indicated the only way to restore confidence was to rebuild the server and determine what was accessed or copied, leading to site instability and downtime during response. The incident combines confirmed unauthorized access/data copying with operational disruption from the shutdown/rebuild.
Portland Public Schools
February 3, 2026
•[ phishing, email compromise, unauthorized access ]
A phishing email offering a fake part-time job opportunity was sent to students after a staff email account (reported as a teacher account) was compromised. Because the message originated from an internal staff account, it bypassed normal restrictions and reached many student inboxes across the district. The district technology department removed copies of the email from the school system and issued guidance for students who submitted information to the linked form. The confirmed effect is unauthorized use of an internal account to distribute phishing content; the report does not confirm broader system compromise or data exfiltration beyond what students may have submitted to the scam.
At least one government, military, and technology entity in Ukraine
January 30, 2026
•[ APT, vulnerability exploitation, state-sponsored attack ]
Security researchers reported that state-sponsored advanced persistent threat groups exploited a WinRAR vulnerability in real-world attacks that successfully compromised at least one government, military, and technology organization in Ukraine, using malicious archive files to gain unauthorized access to victim systems.
Bumble Inc. (dating app)
January 28, 2026
•[ unauthorized access, internal network, compromised account ]
A contractor account at Bumble was compromised, granting limited unauthorized access to part of the internal network. Bumble stated that no user accounts, profile data, messages, or member databases were accessed.
At least one blockchain developer
January 22, 2026
•[ phishing, blockchain, credential theft ]
IT technicians and blockchain developers were targeted in a phishing campaign attributed to the NGB 3rd Technical Surveillance Bureau (KONNI/APT37), resulting in unauthorized access to end-user systems and the compromise of stored development and infrastructure credentials.
Viafier
January 22, 2026
•[ malware, data leak, unauthorized access ]
The Swiss rail operator Viafier Retica shut down its Vereina car-shuttle online ticket shop after discovering malware on the system. The organization stated that attackers likely accessed the web shop database, which may contain customer and employee contact details and hashed passwords. Users were advised to change passwords used on other services. The incident caused service disruption to online ticket sales while containment and investigation actions were undertaken.
Cloud Imperium Games (CIG)
January 21, 2026
•[ unauthorized access, data breach, personal information ]
Cloud Imperium Games disclosed that on January 21, 2026 it was targeted by a sophisticated attack that resulted in unauthorized access to some backup systems with limited access to users basic account details. The company said impacted data included metadata, contact details, username, date of birth, and name. It stated the access was read-only and that no passwords or financial/payment information were stored in or accessible from the affected systems, and it had no indication the data had been leaked publicly at the time of disclosure.
French national bank accounts database (FICOBA) / Ministry of Economy and Finance
January 18, 2026
•[ data leak, stolen credentials, unauthorized access ]
Frances Ministry of Economy and Finance stated that part of the national database listing bank accounts in France was illegally accessed, exposing information linked to about 1.2 million accounts. The ministry said that starting in late January 2026, a malicious actor used stolen credentials belonging to an official to access part of the database. The exposed data includes bank details (RIB/IBAN), identity and address of the account holder, and in some cases a tax identification number. Authorities said they restricted access, stopped the intrusion, and notified banks to warn customers to be vigilant.
Daniel L Kaler DDS PC
January 15, 2026
•[ data leak, unauthorized access, medical information ]
Attackers gained unauthorized access to systems at a Dakota Dunes dental practice and exfiltrated patient records from its databases. The breach exposed personal, medical, and financial information belonging to approximately 27000 individuals.
