Breaches


  • Crypto regulation
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    Hack could cost Coinbase up to $400M: filing

    The crypto exchange is offering a $20 million reward for information leading to the hackers’ arrest. Coinbase terminated customer support agents who leaked customer data.

    By Gabrielle Saulsbery • May 16, 2025
  • A legal technology concept
    Image attribution tooltip
    Dmitry Nogaev via Getty Images
    Image attribution tooltip

    Tennessee’s largest school district sues PowerSchool over data breach

    Memphis-Shelby County Schools’ federal lawsuit against the ed tech giant is among the latest that have been filed by over 100 other districts nationwide.

    By Anna Merod • May 16, 2025
  • A Co-op supermarket worker loads a Starship delivery robot with groceries during a visit from the Labour Leader Keir Starmer on July 23, 2020 in Milton Keynes, England.Co-op is restoring systems in May 2025 after a major cyberattack led to major disruptions at the UK food retailer.
    Image attribution tooltip
    Darren Staples via Getty Images
    Image attribution tooltip

    UK retailer Co-op restoring systems following major cyberattack

    The company is carefully ramping up systems and is boosting deliveries to its 2,300 food stores after stock issues.

    By May 14, 2025
  • A general view of the exterior of the branch of retailer Marks and Spencer at Westfield White City on October 20, 2020 in London, England. Marks & Spencer said customer data was accessed in an April 2025 cyberattack.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    M&S says hackers gained access to customer data in April cyberattack

    The UK retailer said the payment data was masked and therefore not usable.

    By May 13, 2025
  • Digital technology vector background depicting a cyberattack.
    Image attribution tooltip
    WhataWin via Getty Images
    Image attribution tooltip

    PowerSchool data breach leads to school extortion attempts

    A threat actor has contacted multiple school districts demanding payments related to student and staff data stolen in a December breach.

    By Anna Merod • May 13, 2025
  • exclamation point depicted hovering above network infrastructure
    Image attribution tooltip
    Just_Super/Getty Images via Getty Images
    Image attribution tooltip

    Ransomware claims dipped slightly in 2024, cyber insurer says

    A major cyber insurer’s annual report lays out how hackers are trying to steal money and how its policyholders responded.

    By May 7, 2025
  • Harrods is one of three UK-based retail companies responding to a spree of attacks beginning in April 2025.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    UK authorities warn of retail-sector risks following cyberattack spree

    Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

    By May 5, 2025
  • Cyber security  firewall interface protection concept. Businesswoman protecting herself from cyber attacks. Personal data security and banking
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Zero-day exploitation drops slightly from last year, Google report finds

    Google’s threat intelligence team said software vendor security practices are making it harder for hackers to find flaws in some platforms.

    By April 29, 2025
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    FBI seeks public tips about Salt Typhoon

    The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

    By April 28, 2025
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

    Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

    By April 23, 2025
  • Executives working through an AI training course.
    Image attribution tooltip
    Weedezign via Getty Images
    Image attribution tooltip

    AI impact on data breach outcomes remains ‘limited’: Verizon

    While AI-generated text in malicious emails has doubled, the rate of successful phishing breaches is stable.

    By Lindsey Wilkinson • April 23, 2025
  • A 2018 photo of the Wisconsin state capitol building. The state was among a number of states impacted by a 2025 data breach at Conduent, a payments technology vendor.
    Image attribution tooltip
    Andy Manis via Getty Images
    Image attribution tooltip

    Conduent warns January breach impacted a ‘significant’ number of people

    The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

    By April 22, 2025
  • A single opened padlock glows red among rows of closed blue padlocks.
    Image attribution tooltip
    JuSun via Getty Images
    Image attribution tooltip

    Lemonade says applicant driver’s license numbers exposed

    The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

    By April 18, 2025
  • Exterior of Stop & Shop supermarket
    Image attribution tooltip
    Sam Silverstein/Cybersecurity Dive
    Image attribution tooltip

    Ahold Delhaize confirms data stolen after threat group claims credit for November attack

    A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

    By , Sam Silverstein • April 17, 2025
  • Oracle office in Lehi City, Utah, USA, June 25, 2023.
    Image attribution tooltip
    JHVEPhoto via Getty Images
    Image attribution tooltip

    CISA warns companies to secure credentials amid Oracle Cloud breach claims

    The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise.

    By April 17, 2025
  • A gray four-door crossover vehicle with a woman seated with her hand on the steering wheel is parked in front of a Hertz building.
    Image attribution tooltip
    Courtesy of Hertz/GM
    Image attribution tooltip

    Hertz says personal data breached in connection with Cleo file-transfer flaws

    The company is the latest organization to investigate or disclose an incident linked to a monthslong attack spree.

    By April 15, 2025
  • Creative image depicting a ransomware attack.
    Image attribution tooltip
    bin kontan / Getty Images via Getty Images
    Image attribution tooltip

    Sensata Technologies’ operations disrupted by ransomware attack

    The company, which makes sensors for the automotive and aerospace sectors, does not currently expect the attack to have a material impact.

    By April 10, 2025
  • Statue of Alexander Hamilton.
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    Treasury Department bank regulator discloses major hack

    Attackers gained unauthorized, prolonged access to the Office of the Comptroller of the Currency’s email system, accessing numerous emails containing highly sensitive regulatory data.

    By Elizabeth Montalbano, Contributing Reporter • April 9, 2025
  • Rice Krispies, one of WK Kellogg's iconic cereals.
    Image attribution tooltip
    https://www.gettyimages.com/detail/news-photo/rice-krispies-boxes-with-a-spider-man-promotion-sit-on-a-news-photo/1540408?adppopup=true via Getty Images
    Image attribution tooltip

    WK Kellogg confirms employee data breach tied to Cleo file-transfer flaw

    The Michigan-based breakfast cereal company confirmed it used Cleo as a vendor for human resources data.

    By April 8, 2025
  • risk management
    Image attribution tooltip
    Parradee Kietsirikul via Getty Images
    Image attribution tooltip

    Check Point Software confirms security incident but pushes back on threat actor claims

    A malicious hacker recently offered to sell the security firm’s sensitive customer information.

    By April 2, 2025
  • Sam's Club
    Image attribution tooltip
    Courtesy of Sam's Club
    Image attribution tooltip

    Sam’s Club investigating attack claim linked to Clop ransomware

    The prolific gang is linked to the exploitation of critical flaws in Cleo file transfer software.

    By April 1, 2025
  • Cyber Security Data Breach Protection Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

    Security researchers from Trustwave SpiderLabs provided additional evidence backing up claims of a breach.

    By March 31, 2025
  • Oracle corporation sign hanging on the top of the building in Brisbane.
    Image attribution tooltip
    Marlon Trottmann via Getty Images
    Image attribution tooltip

    Cybersecurity firms brace for impact of potential Oracle Cloud breach

    As evidence continues to pile up, security providers warn customers to secure networks.

    By March 28, 2025
  • Oracle's Silicon Valley corporate headquarters in Redwood City, California picture on Oct. 26, 2019.
    Image attribution tooltip
    Sundry Photography via Getty Images
    Image attribution tooltip

    Researchers back claim of Oracle Cloud breach despite company’s denials

    Security researchers from CloudSEK provided additional evidence supporting a hacker’s claim to have exfiltrated 6 million records.

    By March 25, 2025
  • legal role in data incident or breach
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Rubrik discloses server breach, compromise of ‘access information’

    The data security and backup vendor said it found no evidence that the stolen data was used by cyber threat actors.

    By March 4, 2025