Telus Digital
March 12, 2026
•[ Data breach, Credential theft, Cloud security ]
Telus Digital confirmed a security incident after ShinyHunters claimed it stole nearly 1 petabyte of data in a multi-month breach. Reporting stated ShinyHunters said it gained initial access using Google Cloud Platform credentials found in data stolen in the Salesloft/Drift breach, and that Telus was not negotiating. At publication, Telus Digital had not been added to the actors leak site in the cited report, and specific data categories and affected individuals were not publicly enumerated in the DataBreaches summary.
Crunchyroll
March 12, 2026
•[ data leak, malware, third-party risk ]
The Record reported an unidentified threat actor claimed to have breached a Telus employee account in India (a business process vendor for Crunchyroll with access to support tickets). The attacker said they infected the employee device with malware and stole about 100GB of data from Crunchyrolls ticketing system. The outlet reported samples included IP addresses, email addresses, and other information related to customer service tickets. Screenshots showed access to Crunchyrolls platforms including Slack, Zendesk, and Google Workspace; the hacker claimed the breach occurred on March 12, 2026 and that access was revoked within 24 hours.
Loblaw
March 10, 2026
•[ data breach, unauthorized access, customer information ]
Canadian retailer Loblaw disclosed a data breach after a criminal third party accessed basic customer information. The company said the accessed data included names, email addresses and phone numbers. Loblaw stated its investigation indicated passwords, health information, and credit card data were not compromised, and PC Financial was not impacted. The company did not provide the number of affected customers, the intrusion vector or evidence of ransomware. The confirmed primary effect is unauthorized access to limited customer contact information.
Slavia Insurance
March 10, 2026
•[ data breach, medical records, vendor error ]
Czech insurer Slavia pojiovna reported that attackers obtained about 150 GB of sensitive data, including insurance documents, medical records, and direct communications with clients. The companys spokesperson attributed the incident to an error by a supplier/vendor and said the issue was detected by Slavias security systems and remediation steps were underway to prevent recurrence. Public reporting did not identify the attacker or provide counts of affected clients, but indicated the stolen data types are sensitive and could enable fraud or targeted extortion/phishing.
BridgePay Network Solutions (vendor) impacting City of Marietta online payments
February 15, 2026
•[ ransomware, third-party risk, payment processing outage ]
City officials said Mariettas inability to process some online credit card payments was caused by a nationwide ransomware incident at BridgePay Network Solutions, one of the citys online payment gateway providers. The city stated its own systems and data were not compromised, but the vendor outage disrupted payment processing for municipal services. Officials worked to stand up a secure alternative solution while the vendor coordinated response with federal authorities and incident-response partners.
Flickr (via an undisclosed third-party provider)
February 5, 2026
•[ data leak, third-party risk, phishing ]
Flickr notified users of a potential data breach after a vulnerability in a system operated by one of its third-party email service providers may have allowed unauthorized access to member information. Flickr said it was alerted on February 5, 2026 and shut down access to the affected system within hours. The company stated that passwords and payment card numbers were not compromised. Exposed data may include real names, email addresses, usernames, account type, IP address, general location, and platform activity; Flickr urged vigilance for phishing and recommended changing passwords on other services if reused.
Betterment
January 9, 2026
•[ social engineering, data leak, phishing ]
TechCrunch reported that Betterment confirmed hackers accessed some of its systems on January 9, 2026 through a social engineering attack involving third-party platforms used for marketing and operations. Betterment said the attackers accessed customer personal information including names, email and postal addresses, phone numbers, and dates of birth, and used that access to send fraudulent scam notifications to users. The company said it detected and revoked unauthorized access the same day, launched an investigation with external help, and stated its ongoing investigation indicated no customer accounts were accessed and no passwords or login credentials were compromised. Betterment did not disclose how many customers were affected.
Anchorage Police Department via Whitebox Technologies
January 7, 2026
•[ security incident, third-party risk, data migration ]
Anchorage Police Department reported it took immediate containment actions after being alerted on January 7, 2026 to a security incident affecting one of its technology service providers, Whitebox Technologies (a data migration firm). According to reporting cited in the post, the Citys IT department shut down the relevant Anchorage Police Department servers and disabled the vendors access along with all third-party service provider access while incident response work continued. As of the report date, no ransomware group had publicly claimed responsibility and there was no public statement from the vendor. Public reporting did not confirm whether any APD data was accessed or exfiltrated, but it confirms operational disruption via server shutdown and access suspension.
Ontario Health atHome
April 13, 2025
•[ ransomware, data exfiltration, healthcare ]
Ontario Medical Supply (OMS), a vendor supporting Ontario Health atHomes home care supply operations, experienced a ransomware incident in 2025. Reporting described earliest observed access on March 17, 2025, followed by ransomware payload execution on April 13, 2025, after which OMS systems failed and the organization was locked out of a significant portion of servers. Internal reporting referenced impacts to roughly 200,000 patients and indicated breached data included names, contact information, and medical supplies/equipment ordered. OMS later stated only a limited amount of incomplete data was exfiltrated and said it found no evidence of misuse at the time of its statement.
