Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase
Insurer's Hack Could Rank as Largest US Health Data Breach Reported in 2025Supplemental health insurer Aflac is notifying 22.65 million people whose sensitive health and personal information, including Social Security numbers, was potentially compromised in a June data theft incident. The incident will likely rank as the biggest U.S. health data breach reported in 2025.
Insurer's Hack Could Rank as Largest US Health Data Breach Reported in 2025Supplemental health insurer Aflac is notifying 22.65 million people whose sensitive health and personal information, including Social Security numbers, was potentially compromised in a June data theft incident. The incident will likely rank as the biggest U.S. health data breach reported in 2025.
Coupang disclosed a data breach affecting 33.7 million customers after unauthorized access to personal data went undetected for nearly five months. Penta Security explains how the incident highlights insider credential abuse risks and why encrypting customer data beyond legal requirements can reduce exposure and limit damage. [...]
Ransomware Gang Rhysida Leaks 3.7TB of Data Stolen From Maryland Hospital SystemMaryland-based MedStar Health, which operates 10 hospitals, is notifying patients about a data theft incident affecting their personal information. Ransomware group Rhysida claims on its darkweb leak site to have 3.7 terabytes of MedStar's data, including "over 7 million pieces of patient data."
700Credit, a U.S.-based financial services and fintech company, will start notifying more than 5.8 million people that their personal information has been exposed in a data breach incident. [...]
The Information Commissioner's Office (ICO) in the UK has fined Capita, a provider of data-driven business process services, £14 million ($18.7 million) for a data breach incident in 2023 that exposed the personal information of 6.6 million people. [...]
American furniture brand Lovesac is warning that it suffered a data breach impacting an undisclosed number of individuals, stating their personal data was exposed in a cybersecurity incident. [...]
Wealthsimple, a leading Canadian online investment management service, has disclosed a data breach after attackers stole the personal data of an undisclosed number of customers in a recent incident. [...]
Absolute Dental Says Breach Involved Third-Party Managed Services FirmA Nevada dental practice is notifying more than 1.2 million individuals of a hacking incident that compromised sensitive health and personal information. The incident involved "inadvertent execution of a malicious version of a legitimate software tool," said Absolute Dental.
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. [...]
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell a more nuanced story.
Doughnut maker Krispy Kreme has revealed that sensitive financial and personal data of over 160,000 individuals has been impacted following a November 2024 cyber incident
Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.
African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. [...]
Breach Victim Tally Soars Since Firm Filed an Initial Breach Report in Early AprilKelly Benefits is notifying nine large clients and nearly 264,000 individuals that their sensitive personal information was potentially compromised in a December data theft incident. The tally of affected people has climbed eight-fold since the company’s first estimate earlier this month.
Community Dental Care Is State's Largest Non-Profit Serving Medicaid PatientsMinnesota's largest nonprofit Medicaid dental practice is notifying nearly 135,000 people of a December 2024 data theft incident that potentially compromised their health and personal information, ranging from medical information to passport numbers.
SSNs, payment details, and health info too The Pennsylvania State Education Association (PSEA) says a July 2024 "security incident" exposed sensitive personal data on more than half a million individuals, including financial and health info.…
Ransomware Attack in 2023 Affected More Than 6 Million PeopleIndian IT services giant Infosys said its U.S. subsidiary Infosys McCamish Systems agreed to pay $17.5 million to settle six class action lawsuits related to a cybersecurity incident that compromised the personal information of more than 6 million people.