Search Results for "personally identifiable information"

University of Nottingham June 9, 2026 • [ cyber attack, extortion, data leak ] In June 2026, the University of Nottingham was the target of a cyber attack, later linked to a ShinyHunters "pay or leak" extortion campaign. Tens of gigabytes of data were subsequently published online and included 455k unique email addresses along with extensive personal information including names, addresses, phone numbers, ethnicities, disabilities, passport numbers and information relating to academic enrolments and fee payments. In a post about the incident, the university advised that the breach affected both "current students, and alumni".

Almerys May 22, 2026 • [ data breach, healthcare, personally identifiable information ] Almerys, a French third-party health payments processor, suffered a May 2026 breach involving its online coverage authorization portal used by healthcare professionals and facilities. Reporting said hackers gained access to the portal and that a threat actor later advertised more than 44 million Almerys-linked records and more than 15 million unique French Social Security numbers for sale. Almerys reportedly took the affected portal offline as a containment measure; no named actor, encryption, data destruction, or attacker-caused operational disruption was confirmed.

Škoda Auto May 11, 2026 • [ data leak, vulnerability exploitation, unauthorized access ] Attackers exploited a vulnerability in koda Auto's online shop software and gained temporary unauthorized access to the shop system. koda said customer names, addresses, contact details, order details, account information, and password hashes may have been accessed, but credit card data was not stored in the system. The company took the online shop offline for containment, patched the vulnerability, reviewed security controls, notified authorities, and retained external forensic experts; the specific threat actor was not identified.

CTT April 26, 2026 • [ data leak, personally identifiable information, postal service ] In April 2026, data allegedly obtained from CTT, Portugals national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to retrieve the tracking history of the parcel.

Empower Group April 15, 2026 • [ data leak, personally identifiable information, finance ] DragonForce reportedly claimed responsibility for a breach of Empower Group, a New York-based alternative financing provider, and claimed to have exfiltrated approximately 316GB of data. DataBreach later indexed 6,691,415 rows allegedly tied to the breach, including Social Security numbers, dates of birth, email addresses, phone numbers, names, and street addresses. Public sources did not confirm file encryption or operational disruption.

Marcus & Millichap April 12, 2026 • [ hacking, extortion, data leak ] In April 2026, the commercial real estate brokerage firm Marcus & Millichap was named as one of multiple alleged victims of the ShinyHunters hacking and extortion group. Data alleged to have been obtained from the company was subsequently released publicly and included 1.8M unique email addresses, along with names, phone numbers and employment-related information including employer, job title and physical company address. In their disclosure notice, Marcus & Millichap advised that data which may have been accessed appeared limited to "company forms, templates, marketing materials, and general contact information".

The McLamb Group, Inc. April 6, 2026 • [ data leak, PII, Social Security numbers ] PEAR claimed The McLamb Group, Inc. on its leak site with an estimated attack date of April 6, 2026. DataBreach indexed 124,203 rows and listed exposed fields including Social Security numbers, dates of birth, email addresses, phone numbers, names, and street addresses. Public reporting did not confirm encryption, data destruction, attacker-caused operational disruption, or the exact intrusion vector.

SongTrivia2 April 2, 2026 • [ data breach, data leak, password hashes ] In April 2026, the music trivia platform SongTrivia2 suffered a data breach that was subsequently published to a public hacking forum. The data contained a total of 291k unique email addresses sourced from either Google OAuth logins or accounts created on the site, the latter also containing bcrypt password hashes. The data also included names, usernames and avatars.

Addi March 25, 2026 • [ fintech, data breach, extortion ] In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal information may have been compromised". The "pay or leak" extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cdula de Ciudadana), estimated income, socioeconomic levels, purchases and other credit-related data points.

Awa Bank March 25, 2026 • [ unauthorized access, data leak, test environment exposure ] Awa Bank confirmed that unauthorized access to an OA system test environment caused leakage of 27,745 customer, shareholder, and related-party records.

Pick n Pay Stores Limited March 23, 2026 • [ data breach, dark web, customer information ] Pick n Pay confirmed a data breach involving customer information from an older version of its on-demand delivery platform, first known as Bottles and later Pick n Pay asap!. Reporting said the historical customer dataset had been offered for sale on a dark-web forum since March 23, 2026 and included names, contact details, residential addresses, dates of birth, partial payment-card information, encrypted passwords, and certain banking details. Public reporting did not identify the threat actor, encryption, data destruction, or operational disruption.

P3 Global Intel March 18, 2026 • [ data breach, data leak, personally identifiable information ] DataBreaches summarized reporting that hackers calling themselves The Internet YIFF Machine stole data from cloud-based tip and intelligence management company P3 Global Intel and provided it to DDoSecrets. The exposed dataset includes millions of tips and extensive personal data about people accused in tips, including names, email addresses, dates of birth, phone numbers, home addresses, license plate numbers, Social Security numbers, and criminal histories. The platform is used by thousands of clients, including Crime Stoppers programs, local and federal law enforcement agencies, public schools, and the U.S. military, so the breach has broad downstream exposure across many organizations.

Hanover County Public Schools March 11, 2026 • [ ransomware, network data access, personally identifiable information ] Hanover County Public Schools experienced a March 2026 data-security incident that disrupted internet service and multiple school systems. The district later said a malicious actor gained access to network data and attempted to deploy ransomware to encrypt portions of the network, but the access was terminated soon after detection and successful encryption was not confirmed. The district warned that personally identifiable information may have been viewed or accessed.

FBI surveillance system March 6, 2026 • [ data breach, surveillance system, law enforcement sensitive information ] Reporting stated the White House was working with the FBI, NSA, and CISA to respond to an apparent breach of an FBI surveillance system disclosed to Congress. The system is unclassified but contains law-enforcement sensitive information, including returns from legal process such as pen register and trap-and-trace surveillance returns, and personally identifiable information about subjects of FBI investigations. The report did not identify the attacker, intrusion vector, or the full scope/timeline of access.

Woflow March 5, 2026 • [ supply-chain risk, extortion, data leak ] ShinyHunters claimed it compromised Woflow, an AI-driven merchant data platform, in what was described as a supply-chain risk for major clients. The group threatened to leak data by March 6, 2026 if demands were not met, and claimed it stole internal corporate information, personally identifiable information, and transaction/order details. Reporting noted the group did not provide a verifiable public data sample and Woflow did not provide a public response at the time, so the incident remains an alleged breach based on the extortion claim.

Wilhelmsen Ship Management (Norway) AS February 27, 2026 • [ ransomware, data leak, operational disruption ] A ransomware incident affected systems on a single Wilhelmsen-managed ship and disrupted that vessels operations. Later reporting said passport and next-of-kin information relating to personnel on that ship was also compromised.

Mexico City Civil Registry February 26, 2026 • [ data leak, unauthorized access, exfiltration ] Attackers gained unauthorized access to Mexican government civil registry databases and exfiltrated sensitive records. Stolen data reportedly includes birth certificate information and national identification numbers from Mexico Citys civil registry.

Odido February 12, 2026 • [ data breach, extortion, data leak ] In February 2026, the Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Following the incident, 1M records containing 317k unique email addresses was published publicly, with a threat by the attackers to continue leaking more data in the following days. The data also included names, physical addresses, phone numbers, bank account numbers and notes about customers left by service operators. Odido has published a disclosure notice detailing the extent of the incident, providing an FAQ and advising the incident also impacted dates of birth, passport and drivers licence numbers.

Odido February 12, 2026 • [ data breach, extortion, data leak ] In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique email addresses were published, followed by further releases exposing an additional 371k and then 833k unique email addresses, with the latter also including passport, drivers licence and European national ID numbers. The exposed data includes names, physical addresses, phone numbers, bank account numbers and customer service notes. Odido has published a disclosure notice advising that impacted data may also include dates of birth and government-issued identity document numbers.

Valtori (Finnish Government ICT Centre) mobile device management service January 30, 2026 • [ data breach, mobile device management, zero-day vulnerability ] Valtori reported a data breach identified on January 30, 2026 in the mobile device management service it provides to Finlands government shared ICT services. Valtori said the attacker accessed information used to operate the service, including names, work email addresses, phone numbers, and device details, and that investigation later found the scope could involve a substantially larger number of users (about 50,000). Valtori stated no data stored directly on mobile devices was compromised. The root cause was described as exploitation of a zero-day vulnerability in a commercial mobile management product, compounded by the systems failure to permanently delete historical data.

Search Results (personally identifiable information)