Search Results for "financial data"

MyPillow May 25, 2026 • [ ransomware, data leak, financial data ] Play claimed it breached MyPillow and stole private company, employee, financial, and client documents. After CEO Mike Lindell denied the breach, the group published approximately 9.8GB of internal files, reportedly including payroll records, tax forms, bank statements, audit files, and client invoices.

Mediaworks Hungary Zrt. April 28, 2026 • [ data extortion, data leak, financial data ] World Leaks claimed responsibility for a data-extortion attack against Mediaworks Hungary Zrt. and released nearly 8.5 TB of allegedly sensitive internal files on its dark web site. Local media that reviewed the material said it included payroll records, contracts, financial statements, and internal communications; public reporting did not confirm encryption, deletion, or operational disruption.

Gelatissimo April 27, 2026 • [ data leak, ransomware, financial data ] DragonForce listed Australian gelato franchiser Gelatissimo on its leak site around April 27, 2026 and claimed to have stolen more than 350 GB of data, with other reporting specifying 352.24 GB. The claimed data included sensitive employee data, financial details, operational information, and executive contact details, and the group threatened publication unless the company responded; reviewed reporting did not confirm encryption or operational disruption.

Mytheresa April 12, 2026 • [ extortion, data leak, ShinyHunters ] In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group. After the ransom deadline passed, the group publicly released the data which contained 84k unique email addresses. The exposed data also included names, phone numbers, physical addresses, purchases and partial credit card data including card type, last 4 digits and expiry date.

Addi March 25, 2026 • [ fintech, data breach, extortion ] In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal information may have been compromised". The "pay or leak" extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cdula de Ciudadana), estimated income, socioeconomic levels, purchases and other credit-related data points.

Pick n Pay Stores Limited March 23, 2026 • [ data breach, dark web, customer information ] Pick n Pay confirmed a data breach involving customer information from an older version of its on-demand delivery platform, first known as Bottles and later Pick n Pay asap!. Reporting said the historical customer dataset had been offered for sale on a dark-web forum since March 23, 2026 and included names, contact details, residential addresses, dates of birth, partial payment-card information, encrypted passwords, and certain banking details. Public reporting did not identify the threat actor, encryption, data destruction, or operational disruption.

Adelante Soluciones Financieras March 1, 2026 • [ data leak, unauthorized access, PII ] Addi identified unauthorized activity on its platform in March 2026 and advised customers that personal information may have been compromised. ShinyHunters later claimed responsibility and published a large trove of personal data allegedly obtained from Addi. DataBreach indexed 67,979,172 rows tied to the breach, while HIBP reported approximately 34 million exposed email addresses and credit-related data points. Public sources did not confirm encryption, data destruction, operational disruption, or a precise intrusion vector.

Odido February 12, 2026 • [ data breach, extortion, data leak ] In February 2026, the Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Following the incident, 1M records containing 317k unique email addresses was published publicly, with a threat by the attackers to continue leaking more data in the following days. The data also included names, physical addresses, phone numbers, bank account numbers and notes about customers left by service operators. Odido has published a disclosure notice detailing the extent of the incident, providing an FAQ and advising the incident also impacted dates of birth, passport and drivers licence numbers.

Odido February 12, 2026 • [ data breach, extortion, data leak ] In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique email addresses were published, followed by further releases exposing an additional 371k and then 833k unique email addresses, with the latter also including passport, drivers licence and European national ID numbers. The exposed data includes names, physical addresses, phone numbers, bank account numbers and customer service notes. Odido has published a disclosure notice advising that impacted data may also include dates of birth and government-issued identity document numbers.

Endesa January 13, 2026 • [ data breach, unauthorized access, data exfiltration ] SecurityWeek reported that Spanish energy company Endesa notified customers about a data breach involving unauthorized access to its commercial platform, also impacting customers of its gas distributor Energia XXI. Endesa stated that attackers accessed and likely exfiltrated basic customer identification information, contact details, national identification numbers (DNI), contract information, and payment details including IBANs. The company said passwords were not compromised and that the incident was contained quickly, with additional safeguards implemented and notifications sent to affected customers.

Netstar Australia January 5, 2026 • [ ransomware, data leak, financial data ] Netstar Australia, a Melbourne-based telematics and GPS fleet tracking provider, was named on a ransomware leak site in December 2025 by the Black Shrantac ransomware group. The threat actors alleged they compromised Netstars systems and stole customer, financial, and database information, claiming roughly 800GB of data and posting sample files said to include internal records related to staff, tax, equipment, and customers. Public reporting noted that Netstar had not provided a detailed public statement confirming the claims at the time of publication.

Bolttech January 5, 2026 • [ ransomware, data leak, extortion ] Cybernews reported that the Everest ransomware group claimed to have stolen about 186GB of data from Bolttech (a global insurance infrastructure platform) and demanded ransom. The group claimed the dataset includes employee/agent account details (emails, names, roles, identifiers), customer information and contact details, policy data, mortgage-related records, insured property addresses, and financial parameters/identifiers. The group posted samples and a countdown timer on its leak site, threatening to publish the data if Bolttech did not respond. The article notes the claim was based on the leak-site post and that confirmation from Bolttech was being sought.

Esquire Brands January 2, 2026 • [ ransomware, data leak, extortion ] Cybernews reported that Esquire Brands (a childrens footwear maker operating several brands/licenses) was posted on the Play ransomware leak site, with attackers threatening to publish stolen data shortly thereafter. According to the leak-site post summarized in the article, the attackers claimed they obtained client documents, payroll data, and finance information. The report frames the incident as data theft with extortion leverage (typical double-extortion posture).

Alpine Lumber December 14, 2025 • [ ransomware, data leak, personally identifiable information ] Alpine Lumbers posted notice states that on December 22, 2025 it determined certain network devices were encrypted with ransomware. The companys investigation found that between December 14 and December 22, 2025 an unauthorized actor viewed and obtained files stored on a file server. Alpine completed its file review and determined on February 5, 2026 that the affected files included employment-purpose information such as names, addresses, Social Security numbers, dates of birth, and health insurance plan enrollment information, and may also have included policy numbers, medical information, government IDs, financial account data, and payment card data. Alpine stated it notified law enforcement and began mailing letters and offering credit monitoring.

Advanced Family Surgery Center (AFSC) November 26, 2025 • [ data leak, healthcare, protected health information ] Threat actors identifying as Genesis claimed they compromised Advanced Family Surgery Center (AFSC) in Oak Ridge, Tennessee, and later added the organization to their leak site, asserting that about 100 GB of data had been exfiltrated from company file servers. The reported dataset included healthcare data, personal data, financial data, user folders, and operational files. The reporting outlet reviewed sample files and indicated they contained protected health information such as patient names, dates of birth, full Social Security numbers, dates of service, physician details, and insurance information. At the time of reporting, no official public notification by the provider had been located.

NYC Health + Hospitals November 25, 2025 • [ third-party breach, healthcare data, biometric data ] Unauthorized actors accessed NYC Health + Hospitals systems through a third-party vendor between approximately November 25, 2025 and February 2026, exposing personal, medical, health insurance, biometric, and financial information of approximately 1.8 million individuals.

Canadian Tire October 2, 2025 • [ data breach, retail, PII ] In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and for a subset of records, dates of birth and partial credit card data were also included (card type, expiry and masked card number). In its disclosure notice, Canadian Tire advised that the incident did not impact bank account information or loyalty program data.

Legal Practice Board of Western Australia October 2, 2025 • [ ransomware, data leak, health data ] Ransomware attack in May led to compromise of additional data beyond initial disclosure; impacted info includes health, financial, and personal data.

Thayer Hotel at West Point September 19, 2025 • [ unauthorized access, data breach, personally identifiable information ] On 19 September 2025 the Thayer Hotel at West Point experienced unauthorized access to its computer systems, prompting a forensic investigation and containment measures. The hotel later confirmed that an Undetermined actor accessed systems holding data on roughly 33,053 individuals and that exposed information could include names, dates of birth, postal addresses, Social Security numbers, drivers license and passport numbers, state IDs, email addresses and some medical or financial data for guests and employees. A formal Notice of Data Security Incident dated 31 October 2025 describes the breach, and law firms have begun investigating potential claims while the hotel offers credit monitoring through Kroll.

Cetera Financial July 7, 2025 • [ unauthorized access, email compromise, PII ] Cetera Financial disclosed that an unauthorized person accessed a single employee email account between July 7 and August 21, 2025. A review completed around January 30, 2026 found that client information, including names, Social Security numbers, drivers license numbers, and financial account details, may have been compromised; affected individuals were notified beginning March 25, 2026.

Search Results (financial data)