Detailed cybersecurity breach reports with severity analysis, attack vectors, and records affected.
A misconfigured Supabase database at Moltbook, the 'social network for AI agents,' exposed 1.5 million API tokens, 35,000 email addresses, and private messages—revealing the platform was mostly humans operating bot fleets.
A Black Basta ransomware attack on Ascension Health, one of the largest US Catholic healthcare systems, forced hospitals to divert emergency patients, delay surgeries, and revert to paper records, affecting 5.6 million patients.
A LockBit ransomware attack on Evolve Bank & Trust, a banking-as-a-service provider for major fintechs, exposed data of 7.6 million individuals and rippled through partners including Affirm, Mercury, Wise, and others.
One of the largest retail data breaches in history exposed 57 million Hot Topic, Torrid, and BoxLunch customer records including 25 million credit card numbers after attackers compromised Snowflake cloud credentials stolen via infostealer malware.
Kaiser Foundation Health Plan disclosed that web tracking technologies including Google Analytics shared personal health information of 13.4 million current and former members with third-party advertisers, the second-largest healthcare breach of 2024.
A social engineering attack targeting MoneyGram's IT helpdesk led to a week-long global outage affecting billions in remittances and exposed sensitive customer data including government IDs and bank account information.
A sophisticated malware attack on South Korea's largest mobile carrier compromised USIM authentication data for nearly the entire subscriber base, forcing mass SIM replacements and costing over $120 million.
ShinyHunters breached Panera Bread via Microsoft Entra SSO vishing attack, leaking 5.1 million customer records including names, emails, phone numbers, and addresses after the company refused extortion demands.
Two VS Code extensions masquerading as AI coding assistants—ChatMoss and ChatGPT中文版—exfiltrated source code, API keys, and proprietary algorithms from 1.5 million developers to servers in China.
Attackers breached an eScan regional update server and distributed signed malicious updates with backdoor capabilities during a two-hour window on January 20.
ShinyHunters breached Match Group via a third-party analytics provider, exposing 10 million records from Tinder, Hinge, OkCupid, and Match.com.
ShinyHunters breached SoundCloud's internal systems and leaked 29.8 million user records after the company refused extortion demands, exposing email addresses linked to public profile data.