Odido
February 12, 2026
•[ data breach, extortion, data leak ]
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique email addresses were published, followed by further releases exposing an additional 371k and then 833k unique email addresses, with the latter also including passport, drivers licence and European national ID numbers. The exposed data includes names, physical addresses, phone numbers, bank account numbers and customer service notes. Odido has published a disclosure notice advising that impacted data may also include dates of birth and government-issued identity document numbers.
Odido
February 12, 2026
•[ data breach, extortion, PII ]
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, a total of 6M unique email addresses were published across four separate data releases over consecutive days. The exposed data includes names, physical addresses, phone numbers, bank account numbers, dates of birth, customer service notes and passport, drivers licence and European national ID numbers. Odido has published a disclosure notice including an FAQ to support affected customers.
Lena Health
December 15, 2025
•[ data leak, healthcare, insecure server ]
AI digital helper Lena Health breach allegedly exposed sensitive Houston Methodist patient data on a dark web forum; access claimed via insecure server.
London Womens Clinic
October 19, 2025
•[ ransomware, data leak, dark web ]
Russian ransomware group Qilin reportedly broke into systems used by the London Womens Clinic which runs seventeen IVF and fertility centres across the United Kingdom and is believed to have exfiltrated large volumes of sensitive patient data after posting about the breach on dark web channels on October 19 2025 raising concerns for both private and NHS patients
Cox Enterprises, Inc.
August 9, 2025
•[ vulnerability, zero-day, data leak ]
Hackers exploited a zeroday vulnerability in Oracle EBusiness Suite, breached Cox Enterprises network, and exfiltrated personal data of about 9,479 individuals; Cl0p group later published stolen files on darkweb leak site
Toys “R†Us Canada
July 30, 2025
•[ data leak, phishing, dark web ]
Company confirmed a threat actor copied records from its customer database and later leaked them on the dark web; investigation verified the datas authenticity and regulators were notified. No payment credentials were exposed; customers warned about phishing.
Sam’s Club
March 28, 2025
•[ ransomware, data leak, cybersecurity investigation ]
Sams Club, a U.S. warehouse retail chain owned by Walmart Inc., is investigating claims by the ransomware group Clop that it breached the companys systems. Clop added Sams Club to its dark-web leak site but so far has not provided any proof of data exfiltration. Sams Club acknowledged awareness of the potential incident and emphasized protecting member information is a priority while its internal investigation continues.
