Tech support scam caused massive data breach at Australian airline Qantas
It’s possible to leak PII describing 5.7 million people without breaching privacy rules
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
It’s possible to leak PII describing 5.7 million people without breaching privacy rules
ShinyHunters leaks names, addresses, DOBs, and more after Christian college discloses cyberattack
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th containing 24 billion records and more than 8.3 terabytes of data. They triple-checked the numbers. […]
Also, Arch Linux Attack, Estonia Quarantines Russian Emails, Joomla FlawThis week, ShinyHunters leaked alleged Madison Square Garden data, a U.S. senator pressed CISA on regional staffing cuts, an Arch Linux supply-chain attack, Mackay Sugar began recovery from a ransomware attack, Novo Nordisk faced dueling breach claims - and more compelling cybersecurity news.
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem.
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it […]
ShinyHunters leaked 234 GB of data allegedly stolen from DentaQuest after failed negotiations, potentially impacting 2.6 million people. The ShinyHunters extortion group has published a 234 GB archive of data allegedly stolen from dental benefits administrator DentaQuest. The cybercrime gang added the company to its Tor data leak site in May, and the data was […]
California AG claims genetics biz downplayed 2023 mega-leak while paying ransom to attacker
U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. [...]
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the […]
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. [...]
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities
UPDATED: Sorry, kids, everything's back up so get to work on your new assignment - An essay on the ethics of paying ransoms, because it looks like that's what happened here
The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. [...]
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.
Prolific ShinyHunters Extortion Group Made 'Pay or Leak' Threat to VictimHome security giant ADT has suffered a data breach that appears to have exposed personally identifiable information tied to 5.5 million customers. Prolific extortionist group ShinyHunters claimed credit for the attack, saying it stole Salesforce data after socially engineering an ADT employee.
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. [...]
Leak-site bragging meets breach hunters as Have I Been Pwned flags millions of records