Security news aggregator

Latest coverage for Leak

Data leaks can expose passwords, personal records, and business secrets, enabling identity theft, fraud, extortion, and follow-on cyberattacks.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Leak is the unauthorized disclosure or exposure of information to people or systems not meant to receive it. It may be deliberate or accidental and can involve personal data, credentials, API keys, source code, trade secrets, or internal documents. A leak can result from theft and publication, an employee sending data to the wrong recipient, or an exposed cloud storage bucket, database, log, repository, or backup. The term describes the exposure, not necessarily how attackers obtained it; reporting may refer to both confirmed disclosure and suspected exposure.

Security teams should establish what data was accessible, to whom, and for how long, while distinguishing evidence of access from mere exposure. Exposed passwords, tokens, and keys should be revoked or rotated quickly, and affected systems checked for reuse or further access. Personal or regulated data may trigger privacy and reporting obligations, while leaked proprietary material can require legal and threat-intelligence monitoring. Prevention includes least-privilege access, secret scanning, safe sharing controls, encryption where appropriate, and monitoring for misconfigured public resources.

Showing 8 most recent headlines Filtered view

Plaintext Emails Trigger Police Probes Into Potential Leaks of State SecretsThe volume of information contained in the "Epstein Files," bizarre pictures they paint and our inability to know what they don't document complicate attempts to understand what it all means. What is clear is the digital detritus that can be generated by just a single iPad-using Boomer.

Newcomer 'Insomnia' Appears to Favor US Healthcare-Related EntitiesA new cybercriminal gang, Insomnia, appears to have its eyes wide open for potential healthcare-related targets. Since surfacing on the darkweb in recent weeks, the apparent data theft group has chalked up 18 alleged victims on its data leak site, with more than half having ties to healthcare.

Bank Info Security 5 months, 1 week ago

Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam

Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by ResearchersNewcomer ransomware group 0APT is being branded a "likely scam operation," not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated - never mind a 1 bitcoin joining fee for would-be affiliates and outdated crypto-locking malware.

Ransomware Gang Everest Claims It Has Leaked All Stolen DataA revenue cycle management software firm is notifying an undisclosed number of patients of several medical diagnostic labs that their sensitive information, including diagnoses and treatments, was stolen in a November hack. Ransomware gang Everest Group claims it has leaked all the data.

Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you're feeling bold, chat for you in a messaging app. But beware: attackers can use malicious prompts in chat to trick an AI agent into generating a data-leaking URL, which link previews may fetch automatically.…