La Comisi�n Nacional de Seguros y Fianzas (CNSF)
February 6, 2026
•[ data leak, security incident, PII ]
In the case of the National Insurance and Bonding Commission (CNSF) , the regulator reported that on January 30th it registered an information security incident that exposed intermediary identification documents containing data such as name, CURP (Unique Population Registry Code), RFC (Federal Taxpayer Registry), and photograph.
Choisir le Service Public (French civil service recruitment platform)
February 4, 2026
•[ data leak, personal data theft, phishing risk ]
Frances official civil-service recruitment platform Choisir le Service Public disclosed a security incident that resulted in the theft of personal data for 377,418 registered candidates. The stolen dataset includes standard identifiers (name, address, phone, date of birth, email) and more detailed professional/education profile fields that can enable highly targeted phishing and fraud. The platform stated passwords were not compromised and CVs/attachments were not taken. In response, some features (candidate space access and direct-application functionality) were temporarily disabled for several days, authorities were notified, and a complaint was planned.
Match Group Inc. (Tinder, Hinge, OkCupid)
January 29, 2026
•[ data leak, cybercrime, ShinyHunters ]
A cybercrime group calling itself ShinyHunters claimed responsibility for accessing and leaking limited user and internal data from Match Group platforms. Match Group confirmed a security incident but stated that passwords, financial information, and private messages were not compromised.
Target
January 12, 2026
•[ data leak, source code theft, internal documentation ]
BleepingComputer reported that multiple current and former Target employees confirmed that source code and documentation posted online by a threat actor match real internal systems. Employees cited internal system names, platform references, and CI/CD tooling elements in the leaked sample that aligned with Targets development environment, and an internal communication referenced an accelerated security change restricting access to Targets Enterprise Git server shortly after the outlet contacted the company. The incident as described involves alleged theft and publication of internal repositories and development documentation rather than an outage or consumer-facing service disruption.
Apex Legends
January 9, 2026
•[ security incident, account hijacking, gameplay disruption ]
BleepingComputer reported that Apex Legends players experienced a security incident over the weekend beginning at least January 9, 2026, where an external actor hijacked player characters during live matches, attempted to move characters off-map, disconnected players, and altered nicknames. Respawn publicly acknowledged an active security incident and stated that its initial investigation found no evidence that the bad actor could install or execute code (i.e., no RCE/injection) and did not frame the incident as a malware infection. The primary confirmed impact described is disruption of gameplay integrity and player sessions during live matches.
Truebit
January 8, 2026
•[ cryptocurrency theft, smart contract exploit, blockchain security ]
The Record reported that hackers stole more than $26 million in cryptocurrency from the Truebit platform on Thursday (January 8, 2026). Truebit said it became aware of a security incident involving one or more malicious actors and urged users not to interact with the affected smart contract. Blockchain security firms tracked 8,535 ETH taken (reported as about $26.44 million). The report frames the event as a major early-2026 crypto theft affecting Truebits on-chain assets, with ongoing law-enforcement contact and incident response actions mentioned, but without detailing the precise exploit mechanism in the article text provided.
Anchorage Police Department via Whitebox Technologies
January 7, 2026
•[ security incident, third-party risk, data migration ]
Anchorage Police Department reported it took immediate containment actions after being alerted on January 7, 2026 to a security incident affecting one of its technology service providers, Whitebox Technologies (a data migration firm). According to reporting cited in the post, the Citys IT department shut down the relevant Anchorage Police Department servers and disabled the vendors access along with all third-party service provider access while incident response work continued. As of the report date, no ransomware group had publicly claimed responsibility and there was no public statement from the vendor. Public reporting did not confirm whether any APD data was accessed or exfiltrated, but it confirms operational disruption via server shutdown and access suspension.
Pell City School System
December 15, 2025
•[ ransomware, security incident, data leak ]
Pell City School System reported that some of its technology systems were affected by a security incident. The superintendent told families that the student information system was not affected, but that a third party copied some files. The district said it was working to resolve the incident and restore services and stated it would not pay. A separate report stated that the SafePay ransomware group claimed responsibility in December 2025, but the school district had not publicly verified the claim or provided details about exactly what data was taken or how systems were accessed at the time of reporting.
ConnectWise
May 29, 2025
•[ nation-state attack, security incident, cloud security ]
ConnectWise reported a suspected nation-state breach impacting a small number of ScreenConnect cloud customers; investigation with Mandiant ongoing; no counts shared.
Harrods
May 1, 2025
•[ unauthorized access, security incident ]
Harrods reported attempts to gain unauthorized access and restricted internet access as a precaution; no confirmed breach or disruption attributable to attackers (not a successful cyber event).
