Aura, an online safety service, confirmed that an unauthorized party accessed about 900,000 contact records through a targeted phone phishing attack on an employee. The exposed data includes names, email addresses, IP addresses, phone numbers, home addresses, and customer service comments. The hacking group ShinyHunters is believed to be behind the incident.

A March 2026 breach report highlighted the growing impact of a data breach at government contractor Conduent, affecting over 25 million Americans. The breach, attributed to the SafePay ransomware group, exposed 8.5 terabytes of data including Social Security numbers, medical records, and health insurance details. States like Oregon (10.5 million) and Texas (15.4 million) account for a significant portion of the victims.

News published today highlights a class-action lawsuit filed after a massive data breach by National Public Data, a Florida-based background check business. The breach, which occurred around April 8, 2024, exposed the private data of an estimated 2.9 billion U.S. citizens, including full names, Social Security numbers, and addresses, which was subsequently published on the dark web by a cybercriminal group called USDoD. Many victims are still unaware of their exposure due to a lack of notificati

Cybersecurity authorities in France have reported a major data breach affecting a third-party healthcare software provider linked to the country's health ministry, Cegedim Santé. Approximately 15.8 million administrative medical files were stolen, with nearly 165,000 files containing doctors' handwritten notes that sometimes included sensitive patient medical histories, such as HIV/AIDS status and sexual orientation. The leaked data included full names, gender, dates of birth, telephone numbers,

The cybercriminal group Shinyhunters has issued a "final warning" to Dutch internet provider Odido, threatening to publish the stolen data of 8 million customers if a ransom is not paid by February 26. The cyberattack, which occurred earlier this month, allowed access to personal data including names, phone numbers, IBANs, and passport numbers, and is considered one of the largest data breaches in the Netherlands.