Sweden's BankID
March 17, 2026
•[ data leak, credential leak, source code leak ]
Biometric Update reported a hacker group calling itself ByteToBreach claimed a breach at CGIs Swedish division, leaking code and credentials tied to systems used by Swedish public authorities and linked in reporting to BankID authentication flows (including for the Swedish Tax Agency). The article said other databases containing personal data and electronic signature documents were allegedly being sold separately. The report is based on attacker claims and leak assertions and does not provide an official confirmation of full scope from CGI or BankID in the excerpt.
Toptal
July 20, 2025
•[ data leak, source code leak, supply chain attack ]
73 repositories made available, exposing private projects and source code. Attackers hijacked Toptals GitHub organization and published 10 malicious npm packages before takedown. Later updates indicated minimal impact to external users.
Pearson plc
January 1, 2025
•[ data leak, source code leak, credential leak ]
Threat actors used an exposed GitLab PAT to access source code and cloud credentials, stealing terabytes of corporate and customer data over months.
