Australian Human Rights Commission Leaks Docs in Data Breach
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks.
Stay informed on the latest data breach incidents and security breaches. Protect your information with our up-to-date breach news and analysis.
Search across headline titles and summaries.
Background for this topic.
Breach means unauthorized access to a computer system or network that exposes or steals sensitive data like personal details, passwords, or proprietary information. Attackers often exploit software flaws, weak passwords, or social engineering to gain entry. Breaches can also result from insiders misusing access or accidental data exposure.
Understanding breaches is crucial because they reveal weaknesses in security controls and can lead to data theft or operational disruption. Effective defenses include promptly patching vulnerabilities, enforcing strong authentication, and segmenting networks to limit attacker movement. Detecting breaches quickly through monitoring and logging helps contain damage and guide targeted remediation efforts to secure affected systems and data.
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks.
Hundreds of Firewall Alarms Sounded But Weren't Heeded, CrowdStrike Probe FindsThe governor of Rhode Island slammed professional services firm Deloitte for failing to spot a months-long hack attack against the RIBridges health and human services data environment it manages, despite hundreds of firewall alerts sounding as attackers exfiltrated gigabytes of data.
Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks. [...]
The tech biz was in the process of dropping the payroll company as it learned of the breach EXCLUSIVE A ransomware attack at a Middle Eastern subsidiary of payroll company ADP has led to customer data theft at Broadcom, The Register has learned.…
Financially Strapped Cloud Services Firm Settles Suit From 2020 Patient Data HackA financially strapped cloud services vendor that experienced a 2020 ransomware attack affecting dozens of healthcare sector clients and hundreds of thousands of patients has agreed to a $1.9 million settlement in proposed class action litigation involving the data theft case.
Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.
In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. "Pompompurin," is slated for resentencing next month after pleading guilty to access device fraud and possession of child sexual abuse material (CSAM).
Also, DOGE Employee’s Credentials Found in Infostealer DumpsThis week, SAP NetWeaver flaw drew hackers, zero-days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor halted operations. North Korean hackers targeted South Koreans with fake conference invites, Russian hackers targeted webmail servers and Microsoft fixed 72 flaws.
Nova Scotia Power confirms it suffered a data breach after threat actors stole sensitive customer data in a cybersecurity incident discovered last month. [...]
One expert tells us: 'It is the most unique breach disclosure I've ever seen' Coinbase says some of its overseas support staff were paid off to steal information on behalf of cybercriminals, and the company is now being extorted for $20 million.…
Dior confirmed a data breach compromising customer personal information, discovered on May 7
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. [...]
The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines. [...]
House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. [...]
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors
Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. As attacks rise
Former Business Partner's Third-Party Software at Center of Hospital Chain's IncidentAscension Health is notifying nearly 440,000 patients of a breach involving a former business partner and exploit of a third-party software flaw. Some experts speculate the incident involved Cleo managed file transfer software. The breach is one of several Ascension experienced in recent months.
Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. [...]
A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks