Everything's bigger and better in Texas – even data breaches
Hunting and fishing license incident catches 3M residents
Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.
Search across headline titles and summaries.
Background for this topic.
An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.
Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.
Weekly headline count for the current query.
Hunting and fishing license incident catches 3M residents
More than half of orgs in Okta survey faced an AI-related security incident or near miss last year
You’ll need a lot of detailed prompts to get solid output - and even then it may have errors and typos
Cushman & Wakefield activated incident response protocols after serial extortionists issued separate threats
Cushman & Wakefield activated incident response protocols after serial extortionists issued separate threats Real estate giant Cushman & Wakefield has confirmed a data breach after two cybercrime groups, ShinyHunters and Qilin, separately claimed responsibility for attacks on the company.…
Gov admits 'incident' as forum sellers boast of fresh haul covering up to a third of the population France's National Agency for "Secure" Documents is explaining a potential data spill just as crooks online claim they've nicked a third of the country's ID information.…
Blames outfit called Context.ai, which reckons an agentic OAuth tangle caused the incident Vercel, the company that created the open source Next.js web development framework, has a data leak that led to compromise of some customer credentials, and blamed an outfit called Context.ai for the mess.…
UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform offline and left customers scrambling for answers.…
Attackers slipped into the process and redirected funds, leaving the company scrambling to recover the cash UK-listed oil and gas outfit Zephyr Energy plc has admitted a cyber incident siphoned off roughly £700,000 after a single payment to a contractor was quietly redirected to an attacker-controlled account.…
ESET says factory outages, lost revenue, and supply chain disruption are becoming routine Nearly 80 percent of British manufacturers say they've been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual.…
Vulns in Dutch football club's systems didn't just expose data – they let outsiders play with accounts, and even lift stadium bans Dutch football giant AFC Ajax has admitted to a data breach after an attacker gained access to its internal systems, in an incident that looks less like a stray pass and more like the gates left wide open.…
Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.…
Off-the-shelf tools helped Russian-speaking cybercrime group run riot Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS.…
'Potential data protection incident' at an 'independent licensing partner,' we're told Adidas has confirmed it is investigating a third-party breach at one of its partner companies after digital thieves claimed they stole information and technical data from the German sportswear giant.…
Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.…
eScan lawyers up after Morphisec claimed 'critical supply-chain compromise' A spat has erupted between antivirus vendor eScan and threat intelligence outfit Morphisec over who spotted an update server incident that disrupted some eScan customers earlier this month.…
Phones, email, and core systems knocked out at Higham Lane in Nuneaton Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and staff to summon government incident responders.…
As in past incidents, ESA says the impact was limited to external systems The European Space Agency has suffered yet another security incident and, in keeping with past practice, says the impact is limited. Meanwhile, miscreants boast that they've made off with a trove of data, including what they claim are confidential documents, credentials, and source code.…
Pair became ALPHV affiliates to prey on US-based clients A ransomware negotiator and a security incident response manager have admitted to running ransomware attacks.…
You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week, is now under active exploitation, according to the US Cybersecurity and Infrastructure Security Agency.…