Ransomware Breach at University of Hawaii Cancer Center Affects 1.2M People

The University of Hawaii Cancer Centre has confirmed a massive ransomware attack affecting 1.24 million people. Sensitive data, including Social Security numbers and historical voter records dating back to 1993, was compromised...

PayPal Confirms Six-Month Data Exposure Linked to Loan System Error

PayPal has confirmed a data leak in its Working Capital loan system that exposed names, dates of birth, and Social Security numbers for six months...

A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft

A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals appear to have not yet exploited...

AT&T breach data resurfaces with new risks for customers

When data resurfaces, it never comes back weaker. A newly shared dataset tied to AT&T shows just how much more dangerous an “old” breach can become once criminals have enough of the right details to work with. The dataset, privately circulated since February 2, 2026, is described as AT&T customer...

CVE-2019-18626

Harris Ormed Self Service before 2019.1.4 allows an authenticated user to view W-2 forms belonging to other users via an arbitrary empNo value to the ORMEDMIS/Data/PY/T4W2Service.svc/RetrieveW2EntriesForEmployee URI, thus exposing sensitive information including employee tax information, social...

700Credit Data Breach Impacts Millions of Car Owners

US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered...

Ransomware gang claims Conduent breach: what you should watch for next [updated]

Update – October 30, 2025: New information confirms that Conduent’s 2024 breach has impacted over 10.5 million people, based on notifications filed with multiple state attorneys general. The largest disclosure came from the Oregon government, which reported a total of 10.5 million affected US...

Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk

Operant AI reveals Shadow Escape, a zero-click attack using the MCP flaw in ChatGPT, Gemini, and Claude to secretly steal trillions of SSNs and financial data. Traditional security is blind to this new AI threat...

Prosper data breach puts 17 million people at risk of identity theft

Peer-to-peer lending marketplace Prosper detected unauthorized activity on their systems on September 2, 2025. It published an FAQ page later that month to address the incident. During the incident, the attacker stole personal information belonging to Prosper customers and loan applicants. As...

North Korean Scammers Are Doing Architectural Design Now

New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, résumés, and Social Security numbers...

Troops and veterans’ personal information leaked in CPAP Medical data breach

In December 2024, CPAP Medical Supplies and Services Inc. CPAP, a Jacksonville—a Florida-based provider of sleep therapy services and CPAP machines—experienced a cybersecurity incident that compromised the personal data of over 90,000 patients. Since CPAP Medical specializes in tailored sleep apn...

EUVD-2019-8350

Malware in sbrugna...

Archer Health Data Leak Exposes 23GB of Medical Records

California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online...

Personal Identifying Information (PII) Fields Detected

This is an informational notice that the scanner was able to detect forms with fields collecting Personal Identifying Information PII data. Examples of PII data include, but are not limited to, names, email addresses, phone numbers, social security numbers, and financial information. No source da...

TransUnion Data Breach: 4.4 Million US Consumers’ Data Stolen

A TransUnion data breach exposed 4.4 million US consumers' Social Security numbers via a Salesforce hack. The attack…...

National Public Data Relaunches Despite 2.9 Billion SSNs Breach

It is business as usual at National Public Data NPD despite the breach that exposed 3 billion Social Security numbers and the subsequent leak...

Nearly 1M SSNs and Health Records Exposed in Marijuana Patient Database

Ohio Medical Alliance exposed a medical marijuana patient database containing 957,000 records, including SSNs, IDs, health files, and…...

Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database

Nearly a million records, which appear to be linked to a medical-cannabis-card company in Ohio, included Social Security numbers, government IDs, health conditions, and more...

National Public Data returns after massive Social Security Number leak

Remember that data broker nobody had ever heard of, but managed to leak a database which contained the data of some 2.9 billion people? It's back, and this time with a search function. National Public Data suffered an alleged breach in 2024 against a data base that, it turned out, carried 272...

Exclusive: Hackers Leak 86 Million AT&T Records with Decrypted SSNs

Hackers leak data of 88 million AT&T customers with decrypted SSNs; latest breach raises questions about links to earlier Snowflake-related attack...