Latest Breach Articles
DentaQuest - 2,553,599 breached accounts
In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly obtained from the company. The data included 2.6M unique email addresses along with names, addresses and...
KR: Tving CEO Apologizes for Unprecedented Data Leak
This is what incident response and accountability should look like in the U.S., too, but almost never does. The Chosun Daily reports: OTT platform Tving, TVING, has faced controversy over leaking members’ personal information, with its representative director personally apologizing. On the afternoon of the 3rd,...
Most organizations that miss 24-hour patch window report breaches
Steve Zurier reports: The Cloud Security Alliance (CSA) found that 80% of organizations that miss the 24-hour patch window report security incidents involving known vulnerabilities. CSA’s study, released June 2, also found that even pre-production controls are not stopping known flaws in the AI age as 82% of...
Data of 600,000 Gaza households exposed in World Food Programme cyberattack
Jacob Goldberg and Irwin Loy report: A cyber-attack targeting the World Food Programme has exposed sensitive personal information belonging to some 600,000 households in Gaza, the UN’s food agency has confirmed, in what may be the largest-known breach of humanitarian beneficiary data to date. WFP is investigating a...
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
Jason Koebler reports: Hackers say that they used Meta’s AI support chatbot to break into a host of high-profile Instagram profiles by asking the support bot to change the email address associated with the target account. The claims coincide with a series of high-profile Instagram account takeovers, including the...
Breaking Confinement: How a Corrections Vendor Exposed Inmate Communications | UpGuard
An exposed Azure storage bucket contained millions of documents sent through a jail messaging app, including driver's licenses used for identity verification.
Alberto Daniel Hill’s Cybermidnight Coverage of the Latin American Digital Sovereignty Crisis (March–June 2026)
Alberto Daniel Hill’s report is a must-read for anyone who wants to begin to understand what is going on in Argentina, Uruguay, and Mexico with respect to digital security. One of the many limitations of being a solo blogger is that there are entire areas of the world or sectors I basically know nothing about... Source
Edmunds - 177,860 breached accounts
In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached. Data purportedly obtained in the incident was later published publicly and included 178k unique email addresses, usernames, passwords, IP addresses, phone numbers and...
Atlas Menu - 63,926 breached accounts
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository. The incident exposed 64k unique email addresses along with usernames, IP addresses, support tickets and...
Charter - 4,851,517 breached accounts
In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group later published the data, which exposed 4.9M unique email addresses along with names,...
Kemper - 269,299 breached accounts
In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign. The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign targeting hundreds of organisations...
Shared Context: How an MCP Server Exposed a Private Equity Firm | UpGuard
A misconfigured MCP server provided complete access to a private equity firm's data lake, illustrating the unique risks of AI adoption for specialized knowledge workers.
Read Receipts: How Mail Server Logs Put Corporate Clients at Risk | UpGuard
A publicly accessible server with email logs reveals how much information such infrastructure holds–including evidence of attackers looking for it.
Shared Enemy: Inside a Chinese Dark Web Monitoring Database | UpGuard
An exposed database of dark web threat intel reveals how China responds to the common threat of the cyber-criminal underground.
Social Insecurity: Billions of Social Security Number and Passwords | UpGuard
UpGuard research found a trove of sensitive information in an exposed Elastic database. Getting to the bottom of what it meant led us down an interesting path.
Snowflake
In the spring of 2024, a number of Snowflake customers suffered data breaches when cybercriminals announced they had data sets from high-profile customers like TicketMaster, LendingTree, Neiman Marcus, and Santander. While Snowflake & Mandiant found no evidence their cloud offering was compromised, these incidents...
Football Australia
Football Australia, the national governing authority for the sport, embedded an AWS Access Key in their website that granted access to 126 S3 Buckets containing sensitive information for players and fans.
Microsoft (Midnight Blizzard)
Leveraging an unused account, the Russian APT Midnight Blizzard was able to pivot into Microsoft’s corporate Office 365 to access the emails of key executives and cyber-security employees. Midnight Blizzard was searching for what information Microsoft knew about themselves.
First Republic Bank
In March 2020, a cloud engineer was terminated from First Republic Bank and subsequently accessed their AWS & GitHub environment to cause damage.
Retool MFA
An engineer at Retool fell victim to a social engineering attack that led to the compromise of an engineer’s MFA tokens and the account takeover of a small number of Retool customers.