Data Breach
-
South Korea fines Coupang record $409 million over data breach
South Korea’s privacy regulator fined Coupang a record 624.6 billion won, about $409 million, after a breach exposed data linked to more than 37 million customers and drew findings of weak security controls.
-
Oxford University says CareerConnect breach exposed user names, emails and passwords
Oxford University said a breach of its third-party CareerConnect platform exposed user names, email addresses and encrypted passwords on May 28. The university said its own systems were not compromised and warned of possible phishing attempts.
-
WFP says breach exposed data of about 600,000 Gaza households
The World Food Programme said a breach of its Gaza self-registration system exposed personal details of about 600,000 households. The agency suspended the platform, but said aid delivery and existing registrations would continue.
-
DentaQuest says breach affected part of network, leak tied to 2.6 million accounts
DentaQuest said a security incident exposed data tied to 2.6 million accounts after a breach linked to ShinyHunters. The leaked records included names, contact details, government IDs and health insurance information.
-
iFood confirms data breach affecting 1.2 million users in Brazil
iFood said a December data breach exposed the personal details of 1.2 million users in Brazil, including CPF numbers, but not passwords or payment data. The company and hackers dispute the scale of the incident.
-
Skoda says customer data stolen in online shop breach
Škoda Auto said attackers breached its online shop, stole customer personal data and accessed login credentials after exploiting a software flaw. The company said payment card details were not stored on the compromised systems.
-
Instructure reaches ransom agreement after Canvas data breach
Instructure said it reached an agreement with an unauthorized actor after a Canvas breach that exposed data tied to thousands of schools and universities, including about 275 million records. The company said stolen data was returned and no customers will be separately extorted.
-
Trellix says attackers accessed part of source code repository
Trellix said attackers gained unauthorized access to part of its source code repository. The company has found no evidence so far that the code was exploited or altered and is investigating with forensic experts.
-
Medtronic confirms network breach after hackers claim theft of 9 million records
Medtronic said hackers breached corporate IT systems and may have accessed personal data after ShinyHunters claimed theft of more than 9 million records and terabytes of internal data.
-
Rituals discloses data breach affecting My Rituals members
Rituals said attackers stole personal information from its My Rituals membership database, affecting an undisclosed number of customers. The company said passwords and payment information were not accessed and that it has contained the breach.
