📰 Cyber Feed Aggregator

💥 Breach

Latest Breach coverage curated from trusted cybersecurity sources.

• Toy Battles - 1,017 breached accounts
  Have I Been Pwned latest breaches — Tue, 10 Feb 2026 02:44:47 Z

  In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.

• Association Nationale des Premiers Secours - 5,600 breached accounts
  Have I Been Pwned latest breaches — Tue, 10 Feb 2026 01:27:25 Z

  In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HIBP and advised the incident was...

• Hackers Use Signal QR Codes to Spy on Military and Political Leaders
  DataBreaches.Net — Mon, 09 Feb 2026 21:42:17 +0000

  Deeba Ahmed reports: Security experts in Germany are on high alert following a wave of digital attacks aimed at high-ranking officials and public figures. The warning comes from the country’s top security bodies- the Federal Office for Information Security (BSI) and the Federal Office for the Protection of the...

• Romania’s oil pipeline operator confirms cyberattack as hackers claim data theft
  DataBreaches.Net — Sun, 08 Feb 2026 15:09:19 +0000

  Daryna Antoniuk reports: Romania’s national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week, adding that oil transport operations were not affected. Conpet, which operates about 3,800 kilometers (2,360 miles) of...

• FCC Cybersecurity Alert and Recommendations to Communications Providers
  DataBreaches.Net — Sun, 08 Feb 2026 15:03:10 +0000

  On January 29, 2026, the FCC issued public notice DA 26-96: PUBLIC SAFETY AND HOMELAND SECURITY BUREAU HIGHLIGHTS BEST PRACTICES FOR DEFENDING AGAINST RANSOMWARE ATTACKS By this Public Notice, the Public Safety and Homeland Security Bureau (Bureau) of the Federal Communications Commission (Commission) urges...

• Some good news: downstream victims of mass data theft campaigns are less likely to pay — incident responders
  DataBreaches.Net — Sun, 08 Feb 2026 14:35:22 +0000

  Mathew J. Schwartz reports: The Clop digital extortion gang for years perfected a method for wringing tens of millions out of cybercrime. Find a zero-day flaw, often in file transfer software, swarm vulnerable networks and post online the sensitive data of any victim unwilling to pay for a promise of data deletion....

• Hospital employee snooped in 98 patient records, Saskatchewan privacy commissioner finds
  DataBreaches.Net — Sun, 08 Feb 2026 12:58:32 +0000

  Shawn Slaght reports: Saskatchewan Information and Privacy Commissioner Grace Hession David found that a privacy breach involving an employee at the Dr. F.H. Wigmore Regional Hospital did take place. The decision found that a unit clerk in the emergency department inappropriately accessed their own health records...

• Substack - 663,121 breached accounts
  Have I Been Pwned latest breaches — Fri, 06 Feb 2026 23:33:22 Z

  In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts, such as publication names and...

• Betterment - 1,435,174 breached accounts
  Have I Been Pwned latest breaches — Thu, 05 Feb 2026 00:29:45 Z

  In January 2026, the automated investment platform Betterment confirmed it had suffered a data breach attributed to a social engineering attack. As part of the incident, Betterment customers received fraudulent crypto-related messages promising high returns if funds were sent to an attacker-controlled...

• Panera Bread - 5,112,502 breached accounts
  Have I Been Pwned latest breaches — Sat, 31 Jan 2026 03:19:30 Z

  In January 2026, Panera Bread suffered a data breach that exposed 14M records. After an attempted extortion failed, the attackers published the data publicly, which included 5.1M unique email addresses along with associated account information such as names, phone numbers and physical addresses. Panera Bread...

• Streamlit: The Tip of The Shadow AI Iceberg | UpGuard
  UpGuard Data Breach Research — Tue, 09 Dec 2025 23:19:01 GMT

  Tens of thousands of AI-enabled web applications using the Streamlit framework are publicly available, exposing PII and other confidential data.

• Identifying Companies Affected by the Shai-Hulud NPM Supply Chain Attack | UpGuard
  UpGuard Data Breach Research — Fri, 24 Oct 2025 04:08:27 GMT

  Using Github event archives, UpGuard Research identifies companies with indicators of compromise of the Shai-Hulud attacks, even after the repos have been deleted.

• Unclaimed Property: How an Unknown Entity Exposed Indian Banking Information | UpGuard
  UpGuard Data Breach Research — Fri, 26 Sep 2025 16:05:20 GMT

  UpGuard discovered a rapidly growing data leak of bank accounts in India– and no one to take responsibility for it.

• Traffic Patterns: The Leakzone Part 2 | UpGuard
  UpGuard Data Breach Research — Tue, 12 Aug 2025 23:13:57 GMT

  UpGuard analyzes the universities, governments, and private companies mentioned in the access logs of hacker forum Leakzone.

• Insufficient Coverage: WorkCycle, Langflow, and TPL | UpGuard
  UpGuard Data Breach Research — Tue, 12 Aug 2025 16:00:01 GMT

  UpGuard can now report that we have secured a Langflow instance leaking data for around 97,000 insurance customers in Pakistan.

• Snowflake
  Public Cloud Security Breaches — Sun, 30 Jun 2024 11:08:05 -0400

  In the spring of 2024, a number of Snowflake customers suffered data breaches when cybercriminals announced they had data sets from high-profile customers like TicketMaster, LendingTree, Neiman Marcus, and Santander. While Snowflake & Mandiant found no evidence their cloud offering was compromised, these incidents...

• Football Australia
  Public Cloud Security Breaches — Mon, 05 Feb 2024 07:27:16 -0500

  Football Australia, the national governing authority for the sport, embedded an AWS Access Key in their website that granted access to 126 S3 Buckets containing sensitive information for players and fans.

• Microsoft (Midnight Blizzard)
  Public Cloud Security Breaches — Sat, 20 Jan 2024 20:14:38 -0500

  Leveraging an unused account, the Russian APT Midnight Blizzard was able to pivot into Microsoft’s corporate Office 365 to access the emails of key executives and cyber-security employees. Midnight Blizzard was searching for what information Microsoft knew about themselves.

• First Republic Bank
  Public Cloud Security Breaches — Wed, 13 Dec 2023 04:16:54 -0500

  In March 2020, a cloud engineer was terminated from First Republic Bank and subsequently accessed their AWS & GitHub environment to cause damage.

• Retool MFA
  Public Cloud Security Breaches — Fri, 10 Nov 2023 19:43:16 -0500

  An engineer at Retool fell victim to a social engineering attack that led to the compromise of an engineer’s MFA tokens and the account takeover of a small number of Retool customers.