Privacy
-
Star Citizen developer discloses January breach that exposed user account details
Cloud Imperium Games disclosed a January 21 2026 breach that gave attackers read only access to backup systems containing basic account details for an undisclosed number of users. No financial data or passwords were affected.
-
Ransomware attack on University of Hawaii Cancer Center exposed data for nearly 1.2 million people
A ransomware gang breached the University of Hawaii Cancer Center Epidemiology Division in August 2025 and stole data for nearly 1.2 million people, including Social Security and driver’s license numbers, the university said in a notice.
-
ManoMano notifies customers after third-party provider breach affecting 38 million
ManoMano notified customers after a January 2026 breach of a third-party support provider exposed personal data for 38 million people. No passwords were accessed and the company revoked the subcontractor’s data access.
-
Olympique de Marseille confirms cyberattack after threat actor leaks sample of alleged data
Olympique de Marseille said it was hit by a cyberattack this month and that a threat actor posted a sample claiming a database of about 400,000 people. The club notified the CNIL and filed a complaint.
-
ShinyHunters posts 12.4 million records alleged to be from CarGurus
A 6.1GB archive claiming 12.4 million CarGurus records was posted by ShinyHunters on February 21. A Have I Been Pwned breach listing says about 3.7 million records appear to be new.
-
Security analysis finds vulnerabilities in popular mental health apps on Google Play
A technical analysis by Oversecured found vulnerabilities in popular Android mental health apps that can expose conversation histories and mood data. Affected apps have tens of millions of combined downloads and the flaws remain unpatched.
-
PayPal says loan app error exposed customers’ Social Security numbers for months
A software error in PayPal’s Working Capital loan app exposed personal data including Social Security numbers from July to December 2025. The company rolled back the code change, reset passwords and is offering credit monitoring to affected users.
-
Intruder accessed France’s FICOBA registry exposing data for 1.2 million accounts
A late January 2026 breach of France’s FICOBA exposed data tied to 1.2 million bank accounts including IBANs and personal details. Banks were alerted and authorities filed a criminal complaint.
-
Spanish court orders NordVPN and ProtonVPN to block 16 LaLiga piracy sites
A Spanish court ordered NordVPN and ProtonVPN to block 16 websites used to pirate LaLiga matches in Spain. The precautionary measures apply to a dynamic list of IP addresses and were issued inaudita parte without opportunity for appeal.
-
Law firm sues Lenovo over alleged bulk transfer of US data to China
A law firm filed a class action accusing Lenovo of exposing 100,000 or more US consumers’ data to Chinese entities via website trackers. The suit seeks class action relief, restitution, disgorgement and statutory damages.
