ZenBusiness
March 27, 2026
•[ data breach, extortion, ransomware ]
In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and compliance platform. The group claimed the data had been exfiltrated from platforms including Snowflake, Mixpanel and Salesforce, and threatened to publish it if a ransom was not paid. The following month, after claiming payment had not been made, ShinyHunters publicly released the data. The collection amounted to many terabytes across thousands of files that appeared to originate from multiple systems and business functions, including leads, support records and other CRM-related data. The data contained approximately 5M unique email addresses, often accompanied by name and phone number depending on the source file.
BreachForums Version 5
March 26, 2026
•[ data leak, hacking forum, credential leak ]
In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames and Argon2 password hashes.
The Left Party
March 26, 2026
•[ ransomware, data leak, employee data ]
Die Linke said its federal headquarters IT systems were hit by a ransomware attack on March 26, 2026, causing partial disruption, while outside reporting tied the incident to Qilin and a claim of stolen internal and employee data.
Former Mossad Chief Tamir Pardo
March 25, 2026
•[ data leak, espionage, email breach ]
Handala published material from the personal Gmail account of former Mossad chief Tamir Pardo, and later reporting said the leak included business correspondence and a draft letter addressed to a CIA chief.
Sound Radix
March 25, 2026
•[ data leak, credential exposure ]
In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. The incident impacted 293k unique email addresses and names. Sound Radix advised that it is possible that additional data including hashed passwords may have been exposed, and that no financial or credit card information was impacted.
Awa Bank
March 25, 2026
•[ unauthorized access, data leak, test environment exposure ]
Awa Bank confirmed that unauthorized access to an OA system test environment caused leakage of 27,745 customer, shareholder, and related-party records.
ARC Dialysis LLC
March 25, 2026
•[ ransomware, data leak, Personally Identifiable Information (PII) ]
PEAR claimed responsibility for a cyberattack against ARC Dialysis LLC, an independent U.S. dialysis provider, with ransomware-monitoring sources listing an estimated attack date of March 25, 2026 and discovery on April 7, 2026. DataBreach later indexed 310,566 rows allegedly tied to the breach, including Social Security numbers, dates of birth, emails, phone numbers, names, and street addresses. Public sources did not confirm file encryption, operational disruption, or a precise intrusion vector.
Ajax FC
March 25, 2026
•[ data leak, unauthorized access, PII ]
Ajax said a hacker unlawfully gained access to parts of its systems and viewed the email addresses of a few hundred people, as well as names, email addresses, and dates of birth for fewer than 20 people with stadium bans.
Aroostook Mental Health Center
March 24, 2026
•[ ransomware, data leak, network disruption ]
Aroostook Mental Health Center said a recent network disruption affected some business operations and temporarily interrupted connectivity, while outside reporting linked the incident to the Qilin ransomware group and a related leak-site extortion claim.
Mercor
March 24, 2026
•[ supply-chain compromise, data leak, source code theft ]
Mercor confirmed it was affected by the LiteLLM supply-chain compromise linked to TeamPCP. Lapsus$ claimed to have stolen more than 4 TB of Mercor data, including a 200+ GB database, nearly 1 TB of source code, and 3 TB of videos and other information; TechCrunch reviewed a sample containing Slack data, ticketing data, and apparent contractor-video material, while Mercor said it contained and remediated the incident and was investigating with outside forensics experts.
Le Centre national des œuvres universitaires et scolaires
March 23, 2026
•[ data leak, data exfiltration, personal information ]
The Cnous said data was exfiltrated from its mesrdv.etudiant.gouv.fr appointment platform, exposing personal information from student social-services and housing appointments taken over the past ten years.
Russell Cellular
March 23, 2026
•[ data leak, customer records, employee credentials ]
Russell Cellular was reported to be the source of a dataset offered for sale containing alleged customer records and employee credentials.
Liberty
March 23, 2026
•[ unauthorized access, data leak, personal information ]
Liberty notified customers that unauthorized access to personal information had occurred and said the exposed data included names, surnames, and identity numbers, while policies, investments, and services remained secure and operational.
Los Angeles City Attorney’s Office
March 20, 2026
•[ data leak, unauthorized access, third-party breach ]
World Leaks posted an archive of approximately 7.7 TB / 337,000 files after unauthorized access to a third-party discovery-transfer tool used by the Los Angeles City Attorney’s Office; the data included LAPD civil litigation discovery files, personnel and disciplinary records, witness information, medical information, and investigative materials, while LAPD said its own systems were not breached.
GFN.am
March 20, 2026
•[ unauthorized access, data leak, PII ]
GFN.am, NVIDIA's regional GeForce NOW alliance partner in Armenia, suffered unauthorized access to partner-operated infrastructure between March 20 and March 28, 2026. The breach affected Armenian GeForce NOW users registered before March 9 and exposed personal account information including names, email addresses, phone numbers, dates of birth, usernames, membership status, and two-factor authentication status. NVIDIA said its own infrastructure was not affected. A forum actor using the ShinyHunters name claimed the breach, but reporting indicates the real ShinyHunters group denied involvement, so the specific perpetrator remains unidentified.
P3 Global Intel
March 18, 2026
•[ data breach, data leak, personally identifiable information ]
DataBreaches summarized reporting that hackers calling themselves The Internet YIFF Machine stole data from cloud-based tip and intelligence management company P3 Global Intel and provided it to DDoSecrets. The exposed dataset includes millions of tips and extensive personal data about people accused in tips, including names, email addresses, dates of birth, phone numbers, home addresses, license plate numbers, Social Security numbers, and criminal histories. The platform is used by thousands of clients, including Crime Stoppers programs, local and federal law enforcement agencies, public schools, and the U.S. military, so the breach has broad downstream exposure across many organizations.
Aura
March 18, 2026
•[ voice phishing, vishing, data leak ]
BleepingComputer reported that Aura confirmed an incident in which an unauthorized party gained access to nearly 900,000 records containing names and email addresses. Aura said the incident was caused by voice phishing targeting an employee and that the exposed data originated from a marketing tool used by a company acquired in 2021. Aura stated the event exposed information for 20,000 current and 15,000 former customers within the larger marketing dataset and that compromised customer information includes full names, email addresses, home addresses, and phone numbers, while emphasizing that SSNs, account passwords, and financial information were not compromised. ShinyHunters claimed responsibility and said it stole 12GB of files and leaked them.
Sterling Bank Plc
March 18, 2026
•[ CVE-2025-55182, remote code execution, data leak ]
ByteToBreach exploited CVE-2025-55182 in Sterling Bank's internet-facing pilot infrastructure on March 18, 2026, gaining unauthenticated remote code execution, conducting internal reconnaissance, and publishing artefacts that Web Security Lab assessed as technically substantiating compromise of customer and employee records.
Infinite Campus
March 18, 2026
•[ unauthorized access, data leak, account compromise ]
An unauthorized actor accessed an Infinite Campus employee's Salesforce account, exposing names and contact information for school staff; Infinite Campus said no student databases were accessed.
The Gauteng Provincial Government
March 17, 2026
•[ ransomware, data leak, data exfiltration ]
Daily Maverick reported that a ransomware-as-a-service syndicate calling itself XP95 claimed it stole 3.8TB of data from the Gauteng Provincial Government. The article describes the breach as a major failure of basic cybersecurity infrastructure and governance, with a massive dataset reportedly exfiltrated and allegedly offered for sale. The report did not provide a definitive public inventory of affected systems or all data elements, but characterized the exposure as potentially spanning personnel, procurement, and other government records at very large scale.