Stay updated on the latest PII (Personally Identifiable Information) security measures, breaches, and protection strategies in the world of cyber security.
Search across headline titles and summaries.
Background for this topic.
PII, or Personal Identifiable Information, is a type of data that, either alone or when combined with other relevant data, can identify an individual. Examples of PII include full names, addresses, Social Security numbers, passport numbers, and email addresses.
In the context of information security, PII is considered highly sensitive. Protecting PII is paramount to an individual's privacy and is a key focus of data security strategies within organizations. The loss, misuse, or unauthorized access to PII can lead to identity theft, financial fraud, and other forms of personal harm, making it critical for businesses and institutions to implement robust control measures. These include encryption, access controls, and continuous monitoring to reduce the risk of PII data breaches and comply with data protection laws like GDPR and HIPAA.
Weekly headline count for the current query.
California Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company's failure to protect sensitive customer genetic and personal information. [...]
A North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers. [...]
The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service Have I Been Pwned. [...]
Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with the Maine Attorney General’s Office, the total number of persons affected is 5,995,277. The company said […]
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. [...]
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase
'Have I Been Pwned' Founder Troy Hunt Reviews Impact on People and OrganizationsThe volume of data breaches that result in stolen personal data being leaked online has been surging, "courtesy of the ShinyHunters," and while it affects individuals, the organizations being extorted are bearing the brunt of such attacks, said Troy Hunt, founder and CEO of Have I Been Pwned.
Hackers Constantly Break 'Confirmation of Data Destruction' PromisesWhen a business that stores children's personal data gets hit by data-leaking extortionists, what should it do? For Instructure, which develops online learning platform Canvas, the answer was to pay a ransom, and tell victims, straight-faced, to have "digital confirmation of data destruction."
The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees. [...]
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. [...]
The edtech company is struggling to wrest control from its hackers. PII belonging to hundreds of millions of people is on the line.
Hackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned. [...]
The ShinyHunters extortion gang stole personal information belonging to over 119,000 people after hacking the Vimeo online video platform in April, according to data breach notification service Have I Been Pwned. [...]
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his motivation for the hack: he wanted to buy Pokémon cards
Even limited voter rolls can be linked to identify people, research shows
Even limited voter rolls can be linked to identify people, research shows Your voter data could be used against you. A foreign intelligence service that wished to identify the family members of deployed military personnel could do so by cross-referencing public voter record data and social media posts.…
Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump
Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump Updated Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations.…
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have I Been Pwned. [...]
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers