📰 Cyber Feed Aggregator

💥 Breach

Latest Breach coverage curated from trusted cybersecurity sources.

• Toy Battles - 1,017 breached accounts
  Have I Been Pwned latest breaches — Tue, 10 Feb 2026 02:44:47 Z

  In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.

• Association Nationale des Premiers Secours - 5,600 breached accounts
  Have I Been Pwned latest breaches — Tue, 10 Feb 2026 01:27:25 Z

  In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HIBP and advised the incident was...

• Substack - 663,121 breached accounts
  Have I Been Pwned latest breaches — Fri, 06 Feb 2026 23:33:22 Z

  In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts, such as publication names and...

• Betterment - 1,435,174 breached accounts
  Have I Been Pwned latest breaches — Thu, 05 Feb 2026 00:29:45 Z

  In January 2026, the automated investment platform Betterment confirmed it had suffered a data breach attributed to a social engineering attack. As part of the incident, Betterment customers received fraudulent crypto-related messages promising high returns if funds were sent to an attacker-controlled...

• Panera Bread - 5,112,502 breached accounts
  Have I Been Pwned latest breaches — Sat, 31 Jan 2026 03:19:30 Z

  In January 2026, Panera Bread suffered a data breach that exposed 14M records. After an attempted extortion failed, the attackers published the data publicly, which included 5.1M unique email addresses along with associated account information such as names, phone numbers and physical addresses. Panera Bread...

• Streamlit: The Tip of The Shadow AI Iceberg | UpGuard
  UpGuard Data Breach Research — Tue, 09 Dec 2025 23:19:01 GMT

  Tens of thousands of AI-enabled web applications using the Streamlit framework are publicly available, exposing PII and other confidential data.

• Identifying Companies Affected by the Shai-Hulud NPM Supply Chain Attack | UpGuard
  UpGuard Data Breach Research — Fri, 24 Oct 2025 04:08:27 GMT

  Using Github event archives, UpGuard Research identifies companies with indicators of compromise of the Shai-Hulud attacks, even after the repos have been deleted.

• Unclaimed Property: How an Unknown Entity Exposed Indian Banking Information | UpGuard
  UpGuard Data Breach Research — Fri, 26 Sep 2025 16:05:20 GMT

  UpGuard discovered a rapidly growing data leak of bank accounts in India– and no one to take responsibility for it.

• Traffic Patterns: The Leakzone Part 2 | UpGuard
  UpGuard Data Breach Research — Tue, 12 Aug 2025 23:13:57 GMT

  UpGuard analyzes the universities, governments, and private companies mentioned in the access logs of hacker forum Leakzone.

• Insufficient Coverage: WorkCycle, Langflow, and TPL | UpGuard
  UpGuard Data Breach Research — Tue, 12 Aug 2025 16:00:01 GMT

  UpGuard can now report that we have secured a Langflow instance leaking data for around 97,000 insurance customers in Pakistan.

• Snowflake
  Public Cloud Security Breaches — Sun, 30 Jun 2024 11:08:05 -0400

  In the spring of 2024, a number of Snowflake customers suffered data breaches when cybercriminals announced they had data sets from high-profile customers like TicketMaster, LendingTree, Neiman Marcus, and Santander. While Snowflake & Mandiant found no evidence their cloud offering was compromised, these incidents...

• Football Australia
  Public Cloud Security Breaches — Mon, 05 Feb 2024 07:27:16 -0500

  Football Australia, the national governing authority for the sport, embedded an AWS Access Key in their website that granted access to 126 S3 Buckets containing sensitive information for players and fans.

• Microsoft (Midnight Blizzard)
  Public Cloud Security Breaches — Sat, 20 Jan 2024 20:14:38 -0500

  Leveraging an unused account, the Russian APT Midnight Blizzard was able to pivot into Microsoft’s corporate Office 365 to access the emails of key executives and cyber-security employees. Midnight Blizzard was searching for what information Microsoft knew about themselves.

• First Republic Bank
  Public Cloud Security Breaches — Wed, 13 Dec 2023 04:16:54 -0500

  In March 2020, a cloud engineer was terminated from First Republic Bank and subsequently accessed their AWS & GitHub environment to cause damage.

• Retool MFA
  Public Cloud Security Breaches — Fri, 10 Nov 2023 19:43:16 -0500

  An engineer at Retool fell victim to a social engineering attack that led to the compromise of an engineer’s MFA tokens and the account takeover of a small number of Retool customers.