Data Breach
-
Insight Partners notifies thousands after ransomware breach, exposing personal and investor data
New York-based Insight Partners said thousands of individuals were affected by a ransomware breach that involved data exfiltration and subsequent server encryption, with notification letters and identity monitoring offered to impacted individuals and a Sept. 2025 deadline for confirming exposure.
-
Kering confirms data breach hits Gucci, Balenciaga and Alexander McQueen; customer records exposed
Kering says hackers accessed customer data in a June 2025 breach affecting Gucci, Balenciaga and Alexander McQueen, exposing names, birth dates, phone numbers, emails and purchase histories, but not payment card data. The incident has been linked to the ShinyHunters group via Salesforce CRM access, with law enforcement reporting arrests in Paris. Authorities warn of…
-
KillSec ransomware hits Brazil’s healthcare IT supply chain, exposing tens of thousands of records
KillSec has claimed responsibility for a September 2025 attack on Brazil’s healthcare software provider MedicSolution, breaching the healthcare IT supply chain and exposing more than 34 GB of sensitive health data across clinics and laboratories, including medical and minor records.
-
LNER confirms customer data accessed in third-party data breach
London North Eastern Railway says customer contact details and some journey information were accessed via a third-party supplier, with no impact on ticketing or services and no storage of bank data. The company urges caution on phishing and emphasizes secure passwords.
-
Open AWS bucket exposes 1.6 million gym audio recordings, researchers warn of privacy risk
A security researcher says an unencrypted AWS bucket exposed 1.6 million gym audio recordings containing names, numbers and reasons for calls, highlighting privacy and security risks from stored voice data.
-
Plex urges password resets after data breach; authentication data exposed
Plex disclosed a data breach that exposed a subset of customer data, including emails, usernames, and securely hashed passwords. The company urged users to reset their passwords, sign out of devices, and enable two-factor authentication, noting that no payment card data was affected.
-
Lovesac confirms data breach after ransomware attack; notices indicate data exposure and recovery steps
Lovesac disclosed a data breach after a March 2025 ransomware intrusion, exposing personal data of an undisclosed number of individuals. The company discovered the breach on Feb. 28, 2025, and offered 24-month credit monitoring through Experian while noting no current evidence of misuse. A Vermont AG notice and a GlobeneNewswire release provide context on the…
-
Qantas cuts executive bonuses by 15% after data breach
Qantas cut senior executive short-term bonuses by 15% after a late-June data breach that exposed millions of customers, reducing CEO Vanessa Hudson’s bonus by A$250,000 and five other executives’ bonuses by a combined A$550,000 while noting overall executive pay rose and the airline posted an A$2.4 billion underlying pre-tax profit.
-
Wealthsimple reports data breach affecting under 1% of customers; breach tied to third‑party software in suspected supply‑chain attack
Wealthsimple disclosed a data breach affecting less than 1% of its customers, with attackers accessing personal data but not funds or passwords. The breach is linked to a compromised third-party software package and is being treated as part of a broader Salesloft supply-chain attack. The firm is offering two years of free credit monitoring and…
-
Chess.com discloses data breach linked to third-party file-transfer app; around 4,500 users affected
Chess.com says a data breach tied to a third-party file-transfer app affected about 4,500 of its 100 million users, with potential exposure of names and other PII but no financial data, and says law enforcement was notified and monitoring continues.
