Search Results for "data breach"

Conpet February 4, 2026 • [ cyberattack, ransomware, data breach ] Romanias national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier in the week, while operational technology systems (including SCADA and telecoms) remained functional and oil transport operations were not affected. Conpet did not confirm a data breach or name the attacker, but the Qilin ransomware group listed Conpet on its leak site and claimed to have stolen nearly one terabyte of data, publishing images of alleged internal documents, financial records, and passport scans. Conpet said it took immediate mitigation steps, worked with national cybersecurity authorities, and filed a criminal complaint.

Olympique de Marseille February 1, 2026 • [ cyberattack, data leak, data breach ] Olympique de Marseille confirmed a cyberattack after a threat actor claimed to have breached club systems earlier in February and leaked samples of staff and supporter data online.

Association Nationale des Premiers Secours January 30, 2026 • [ data breach, PII, legacy system ] In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HIBP and advised the incident was traced back to a legacy system and did not impact health data, financial information or passwords.

Ttareungyi (Seoul public bike-sharing service) January 30, 2026 • [ data breach, PII exposure, data leak ] Approximately 4500000 user records including user IDs and mobile phone numbers were exposed in a data breach affecting Seouls public bike-sharing service Ttareungyi; authorities stated the timing of the exposure was under investigation, and no attacker attribution had been confirmed at the time of reporting.

Multiple organizations with exposed MongoDB databases January 30, 2026 • [ MongoDB, data breach, ransomware ] A threat actor actively accessed, queried, and ransacked more than 1400 publicly exposed MongoDB application servers, exfiltrating data and leaving ransom notes demanding payment in exchange for deletion or non-disclosure of the stolen information.

Valtori (Finnish Government ICT Centre) mobile device management service January 30, 2026 • [ data breach, mobile device management, zero-day vulnerability ] Valtori reported a data breach identified on January 30, 2026 in the mobile device management service it provides to Finlands government shared ICT services. Valtori said the attacker accessed information used to operate the service, including names, work email addresses, phone numbers, and device details, and that investigation later found the scope could involve a substantially larger number of users (about 50,000). Valtori stated no data stored directly on mobile devices was compromised. The root cause was described as exploitation of a zero-day vulnerability in a commercial mobile management product, compounded by the systems failure to permanently delete historical data.

CarMax January 24, 2026 • [ data breach, extortion, data leak ] In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses.

PcComponentes January 22, 2026 • [ data breach, investigation, customer data ] TechRadar reported that the PC-components retailer PcComponentes was looking into online claims of a breach while the company denied that a confirmed customer data breach had occurred. The article focused on the investigation and the companys public position. In the accessible page text used here, there was no definitive disclosure of an attacker, a verified data set, or a confirmed number of affected customers, so the impact to customer data is coded as undetermined.

Cloud Imperium Games (CIG) January 21, 2026 • [ unauthorized access, data breach, personal information ] Cloud Imperium Games disclosed that on January 21, 2026 it was targeted by a sophisticated attack that resulted in unauthorized access to some backup systems with limited access to users basic account details. The company said impacted data included metadata, contact details, username, date of birth, and name. It stated the access was read-only and that no passwords or financial/payment information were stored in or accessible from the affected systems, and it had no indication the data had been leaked publicly at the time of disclosure.

MRO Corp. January 20, 2026 • [ data breach, third-party vendor incident, healthcare ] DataBreaches summarized a disclosure that a data breach at third-party medical records vendor MRO Corp. exposed personal and health information of patients tied to two Deaconess Health System hospitals in Western Kentucky (Deaconess Henderson Hospital and Deaconess Union County Hospital), as well as affected clinic patients whose records were subject to release-of-information requests. The health system stated the breach did not affect Deaconess internal systems or its electronic medical records platform; the incident was contained to the ROI vendor environment. The reporting did not enumerate specific data elements in the excerpt.

Starbucks January 19, 2026 • [ phishing, credential theft, data breach ] Starbucks disclosed a data breach affecting nearly 900 employees after attackers accessed Partner Central (the employee portal used to manage personal details, payroll, and benefits). Starbucks detected the incident on February 6, 2026 and said attackers obtained employee credentials through a phishing attack using fake websites mimicking the Partner Central portal. The company stated unauthorized access to employee accounts occurred between January 19 and February 11, 2026. Starbucks said some employees personal information may have been accessed,including names, Social Security numbers, dates of birth, and bank account and routing numbers, and that affected employees were offered identity-protection services.

Kyowon Group January 14, 2026 • [ ransomware, service outage, data exfiltration ] Kyowon Group, a large South Korean conglomerate with major education/publishing and digital services operations, confirmed a ransomware incident after initially describing a suspected attack that caused service outages. In a follow-up update, the company stated the incident occurred in January around 10 a.m. and that an attacker exfiltrated data from its systems. Reporting cited Korean media indicating the event may have impacted a substantial portion of Kyowons infrastructure (roughly 600 of 800 servers) and that there are millions of registered accounts, though Kyowon said it was still determining whether stolen data included customer information. The company said it notified relevant authorities (including KISA), engaged security experts, and worked to restore services while conducting a detailed investigation into scope and data exposure.

Victorian Government Schools January 14, 2026 • [ unauthorized access, data breach, student information ] The Department of Education in Victoria, Australia notified parents that an unauthorized third party accessed a database holding student account information. According to disclosure reporting, attackers accessed current and former students personal and school-related fields including names, school names, year levels, school-issued email addresses, and encrypted passwords associated with those accounts. The department stated that more sensitive details such as birth dates, home addresses, and phone numbers were not exposed. Authorities and cyber experts were involved, and the department reset student passwords as a precaution, temporarily restricting access until new credentials were issued. At the time of reporting, investigators had not found evidence that the accessed data had been publicly released or shared onward.

Choice Hotels International January 14, 2026 • [ social engineering, unauthorized access, PII leak ] An unauthorized person used social engineering to gain access to a Choice Hotels application containing records on franchisees and franchise applicants, exposing names and Social Security numbers.

Town of La Hague January 13, 2026 • [ intrusion, email compromise, unauthorized access ] The municipality of La Hague (France) announced it was the victim of an intrusion into its information system that impacted internal email accounts. Upon learning of the incident, the commune reported immediate actions including changing passwords for affected and administrator accounts, temporarily suspending email sending for impacted users, notifying relevant authorities (including ANSSI, CERT-FR, DINUM, CNIL, and local digital authorities), informing partners, and filing a formal complaint with the gendarmerie. Specialized law enforcement units began investigating the incident and its consequences while technical teams and service providers conducted parallel analysis. The announcement emphasized heightened vigilance against suspicious links/attachments and stated the municipality was working to restore system security.

Endesa January 13, 2026 • [ data breach, unauthorized access, data exfiltration ] SecurityWeek reported that Spanish energy company Endesa notified customers about a data breach involving unauthorized access to its commercial platform, also impacting customers of its gas distributor Energia XXI. Endesa stated that attackers accessed and likely exfiltrated basic customer identification information, contact details, national identification numbers (DNI), contract information, and payment details including IBANs. The company said passwords were not compromised and that the incident was contained quickly, with additional safeguards implemented and notifications sent to affected customers.

Langley Twigg Law January 11, 2026 • [ cyberattack, data breach, malware ] Langley Twigg Law (Napier, New Zealand) stated it was hit by a cyberattack on January 11, 2026. The firm said digital forensics and cyber specialists confirmed a malicious third-party launched a virus on its IT network, which was not protected by its cybersecurity software at the time. The firm reported the attacker extracted a portion of data from its file server containing internal operational information and some client documents. Langley Twigg said it disconnected its network from the internet, notified the Privacy Commissioner and police, and was working to determine exactly what information was affected before contacting impacted clients.

Metro Pet Vet January 7, 2026 • [ ransomware, data breach, technical difficulties ] A Lancaster County veterinary practice (Metro Pet Vet) reported it was hit by a ransomware attack after several days of technical issues. The office said Monday and Tuesday it experienced major technical difficulties, including its router stopping, and by Wednesday morning ransomware was detected and the practice lost access to its server. Staff reported they could not access pet vaccine and medication histories and had to operate like 40 years ago using paper while continuing to treat animals and relying on an app for scheduling. The practice stated no credit card or Social Security information was stored on the affected server, but client phone numbers and addresses were stored there, and it expected recovery work to continue into the following week.

Brightspeed January 5, 2026 • [ cybersecurity event, extortion, data breach ] Brightspeed said it is investigating reports of a cybersecurity event after the Crimson Collective extortion group claimed it breached the company and stole personal data tied to more than one million residential customers. Reporting described the attackers claimed dataset as including names, emails, phone numbers, postal addresses, user account information linked to session or user IDs, payment history, partial payment card information, and appointment or order records containing customer information. Brightspeed publicly stated it takes security seriously and is investigating the reports and would keep customers, employees, and authorities informed as it learns more.

LawPavilion January 1, 2026 • [ data breach, unauthorized access, data leak ] Unauthorized actors accessed systems associated with the Nigerian legal technology platform LawPavilion and exposed a database containing user account information affecting approximately 63,000 users, with no reported operational disruption.

Search Results (data breach)