News

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored. And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them. Want to Get Our RSS Feed?

Ionut Arghire reports: Global payment service provider Checkout.com has disclosed a data breach after a known hacking group attempted to extort it. The incident

On November 19, Salesforce posted a security advisory on its site: Security Advisory: Unusual Activity Related to Gainsight Applications Salesforce has identified unusual activity involving Gainsight-published applications connected to Salesforce, which are installed and managed directly by customers. Our investigation indicates this activity may have enabled unauthorized access to certain...

On November 12, DataBreaches reported that Doctor Alliance had allegedly been hacked by a threat actor who listed the data for sale on a clearnet forum. At the time, “Kazu” claimed to have 353 GB of data and had given Doctor Alliance a November 21 deadline to pay $200,000 or the data would be sold to others. As previously noted, Kazu told DataBreaches that he had exploited an older...

A software company that handles sensitive data for nearly every US federal agency was the victim of a cyber breach earlier this year due to a “major lapse” in security measures, according to documents reviewed by Bloomberg News. Opexus, which is owned by the private equity firm Thoma Bravo and provides software services for processing US government records, was compromised in February by...

A lot of insider threat reports this week, it seems. This one is from the U.S. Attorney’s Office, Southern District of Iowa: DES MOINES, Iowa – On October 15, 2025, a federal grand jury in Des Moines charged a Des Moines man with computer fraud. The Indictment alleges that Ezekiel Dean Potter, 34, after being terminated by his employer in April 2023, accessed or attempted to access to the...

Sergiu Gatlan reports another reminder of the insider threat: American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on

Daniel Payne reports: The U.S. Department of Justice says a recent data breach of a California consulting firm exposed data of Catholic clergy abuse survivors i

Matthew Lane leaves U.S. District Court in Worcester. Image: Brad Petrishen/Telegram & Gazette He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech...

A welcome press release from Europol: Between 10 and 14 November 2025, the latest phase of Operation Endgame was coordinated from Europol’s headquarters in The Hague. The actions targeted one of the biggest infostealers (Rhadamanthys), the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities…