Security news aggregator

Latest coverage for Leak

Data leaks can expose passwords, personal records, and business secrets, enabling identity theft, fraud, extortion, and follow-on cyberattacks.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Leak is the unauthorized disclosure or exposure of information to people or systems not meant to receive it. It may be deliberate or accidental and can involve personal data, credentials, API keys, source code, trade secrets, or internal documents. A leak can result from theft and publication, an employee sending data to the wrong recipient, or an exposed cloud storage bucket, database, log, repository, or backup. The term describes the exposure, not necessarily how attackers obtained it; reporting may refer to both confirmed disclosure and suspected exposure.

Security teams should establish what data was accessible, to whom, and for how long, while distinguishing evidence of access from mere exposure. Exposed passwords, tokens, and keys should be revoked or rotated quickly, and affected systems checked for reuse or further access. Personal or regulated data may trigger privacy and reporting obligations, while leaked proprietary material can require legal and threat-intelligence monitoring. Prevention includes least-privilege access, secret scanning, safe sharing controls, encryption where appropriate, and monitoring for misconfigured public resources.

Showing 9 most recent headlines Filtered view
Bank Info Security 1 year, 4 months ago

'Termite' Gang Leaks Australian Fertility Clinic Records

Researchers: Ransomware Group Emerged Last Fall; Variant of Babuk MalwareA new ransomware gang, Termite, has started leaking on the dark web samples of sensitive data stolen in an attack on Australian fertility clinic Genea. A court has issued a restraining order in hopes of preventing the threat actor or others from further disseminating, using or publishing the data.

After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow"We are pentesters, not murderers," ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and Moscow.

A U.S. Army soldier who pleaded guilty last week to leaking phone records for high-ranking U.S. government officials searched online for non-extradition countries and for an answer to the question "can hacking be treason?" prosecutors in the case said Wednesday. The government disclosed the details in a court motion to keep the defendant in custody until he is discharged from the military.

Bank Info Security 1 year, 4 months ago

Black Basta Leaks Reveal Targeting, Planning, Escalation

Group Cross-Referenced Open-Source Victim Intelligence With Infostealer HaulsThe leak of 200,000 internal chat messages for the Black Basta operation provides an overview of how a modern ransomware group organizes itself to take down victims in the most efficient, profit-maximizing manner possible, using a variety of tactics that should be, in theory, easy to repel.