Hack could cost Coinbase up to $400M: filing

The crypto exchange is offering a $20 million reward for information leading to the hackers’ arrest. Coinbase terminated customer support agents who leaked customer data.

By Gabrielle Saulsbery • May 16, 2025

Tennessee’s largest school district sues PowerSchool over data breach

Memphis-Shelby County Schools’ federal lawsuit against the ed tech giant is among the latest that have been filed by over 100 other districts nationwide.

By Anna Merod • May 16, 2025

UK retailer Co-op restoring systems following major cyberattack

The company is carefully ramping up systems and is boosting deliveries to its 2,300 food stores after stock issues.

By David Jones • May 14, 2025

M&S says hackers gained access to customer data in April cyberattack

The UK retailer said the payment data was masked and therefore not usable.

By David Jones • May 13, 2025

PowerSchool data breach leads to school extortion attempts

A threat actor has contacted multiple school districts demanding payments related to student and staff data stolen in a December breach.

By Anna Merod • May 13, 2025

Ransomware claims dipped slightly in 2024, cyber insurer says

A major cyber insurer’s annual report lays out how hackers are trying to steal money and how its policyholders responded.

By Eric Geller • May 7, 2025

UK authorities warn of retail-sector risks following cyberattack spree

Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

By David Jones • May 5, 2025

Zero-day exploitation drops slightly from last year, Google report finds

Google’s threat intelligence team said software vendor security practices are making it harder for hackers to find flaws in some platforms.

By Eric Geller • April 29, 2025

FBI seeks public tips about Salt Typhoon

The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

By Eric Geller • April 28, 2025

BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

By Eric Geller • April 23, 2025

AI impact on data breach outcomes remains ‘limited’: Verizon

While AI-generated text in malicious emails has doubled, the rate of successful phishing breaches is stable.

By Lindsey Wilkinson • April 23, 2025

Conduent warns January breach impacted a ‘significant’ number of people

The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

By David Jones • April 22, 2025

Lemonade says applicant driver’s license numbers exposed

The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

By David Jones • April 18, 2025

Ahold Delhaize confirms data stolen after threat group claims credit for November attack

A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

By David Jones , Sam Silverstein • April 17, 2025

CISA warns companies to secure credentials amid Oracle Cloud breach claims

The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise.

By David Jones • April 17, 2025

Hertz says personal data breached in connection with Cleo file-transfer flaws

The company is the latest organization to investigate or disclose an incident linked to a monthslong attack spree.

By David Jones • April 15, 2025

Sensata Technologies’ operations disrupted by ransomware attack

The company, which makes sensors for the automotive and aerospace sectors, does not currently expect the attack to have a material impact.

By Rob Wright • April 10, 2025

Treasury Department bank regulator discloses major hack

Attackers gained unauthorized, prolonged access to the Office of the Comptroller of the Currency’s email system, accessing numerous emails containing highly sensitive regulatory data.

By Elizabeth Montalbano, Contributing Reporter • April 9, 2025

WK Kellogg confirms employee data breach tied to Cleo file-transfer flaw

The Michigan-based breakfast cereal company confirmed it used Cleo as a vendor for human resources data.

By David Jones • April 8, 2025

Check Point Software confirms security incident but pushes back on threat actor claims

A malicious hacker recently offered to sell the security firm’s sensitive customer information.

By David Jones • April 2, 2025

Sam’s Club investigating attack claim linked to Clop ransomware

The prolific gang is linked to the exploitation of critical flaws in Cleo file transfer software.

By David Jones • April 1, 2025

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

Security researchers from Trustwave SpiderLabs provided additional evidence backing up claims of a breach.

By David Jones • March 31, 2025

Cybersecurity firms brace for impact of potential Oracle Cloud breach

As evidence continues to pile up, security providers warn customers to secure networks.

By David Jones • March 28, 2025

Researchers back claim of Oracle Cloud breach despite company’s denials

Security researchers from CloudSEK provided additional evidence supporting a hacker’s claim to have exfiltrated 6 million records.

By David Jones • March 25, 2025

Rubrik discloses server breach, compromise of ‘access information’

The data security and backup vendor said it found no evidence that the stolen data was used by cyber threat actors.

By Rob Wright • March 4, 2025