A dark‑web seller offers an alleged 109 GB JSON dump of 850 million Indian Aadhaar records for a few dollars, prompting analysis of the data’s scope, possible leakage paths, security implications, and defensive measures for large‑scale identity systems.
In May 2026 a hacker named NormalLeVrai released roughly 3 billion WhatsApp records on the dark web, prompting a Texas lawsuit against Meta, a public accusation by Telegram’s Pavel Durov, and a detailed technical analysis exposing gaps between WhatsApp’s end‑to‑end encryption theory and its real‑world implementation, followed by risk assessments and mitigation advice for enterprises and individuals.
After TeamPCP posted a $50,000 offer for 4,000 private GitHub repositories, the data was transferred to LAPSUS$, the price doubled to $95,000, and the breach highlighted a supply‑chain attack chain that now threatens infrastructure credentials and prompts urgent self‑audit steps.
A Ledger customer in Italy got a real handwritten letter with a QR code leading to a phishing site, exposing how the 2020 data breaches of Ledger still fuel scams years later and showing scammers’ low-cost, high‑ROI shift to postal phishing.
Foxconn's U.S. factories suffered a network outage before the Nitrogen ransomware gang claimed to have exfiltrated over 8 TB of sensitive data—about 11 million files—including material related to Google and Intel, prompting security researchers to analyze the leaked samples and assess the potential impact.
In May 2026, VECERT flagged threat actor NormalLeVrai for stealing credentials and admin access from France’s Fédération Française de Ball‑Trap (FFBT), selling the data on dark‑web markets; the breach, still under investigation, highlights the actor’s focus on French organizations, low‑price bulk sales, and the need for immediate password resets, MFA, and continuous monitoring.
A high‑risk incident reported by ShinyHunters claims Cisco’s core source code, private keys, API tokens, AWS bucket rights, GitHub repositories, and millions of Salesforce records are being sold for $210,000, highlighting how simultaneous exposure of code and credentials can turn a data breach into an ecosystem‑wide compromise.
Ransomware groups are increasingly using double‑extortion "shaming" tactics, publicly leaking stolen data to pressure victims, with Breachsense reporting more than 2,000 compromised firms in 2026, a 40% rise projected for the year, prompting new defensive strategies across industries.
In March 2026, the ShinyHunters ransomware group claimed to have breached Cisco's Salesforce CRM, GitHub repositories, and AWS S3 buckets, stealing over 3 million records that include personnel data from U.S. agencies such as the FBI, DHS, IRS, NASA, as well as Australian and Indian government entities, and issued an ultimatum for Cisco to respond by April 3.
The article breaks down the 2026 ShinyHunters breach list by industry, revealing that Salesforce systems were the primary target, and details massive data exposures across finance, government, retail, and social platforms while urging victims to secure accounts and avoid downloading the leaked files.
On March 30, 2026, the notorious hacker group ShinyHunters announced its exit from BreachForums and released the forum’s full database of over 324,000 users—including usernames, emails, IPs, login logs, and password salts—sparking a crisis of anonymity, trust, and potential law‑enforcement honeypot exposure.
Telus Digital confirmed a breach in which the ShinyHunters group claims to have exfiltrated close to 1 petabyte of data by leveraging Google Cloud credentials stolen from a prior Salesloft/Drift breach, affecting numerous customers and prompting a $65 million ransom demand.
Aura, a provider of identity‑theft protection services, disclosed that a phone‑phishing (vishing) attack in March 2026 exposed roughly 900,000 customer names and email addresses, prompting analysis of the attack vector, MITRE ATT&CK mapping, and lessons on supply‑chain risk and defense‑in‑depth.
A recent breach at the U.S. online training platform 360training leaked personal, learning, payment, and credential data of 24,594 customers, highlighting severe risks for users and exposing systemic security weaknesses across the rapidly growing online education sector.
A recent breach at the US‑based online vocational training platform 360training exposed personal, payment, and credential data of 24,594 customers, highlighting systemic security gaps in the online education sector and prompting detailed recommendations for both platform operators and users to mitigate identity‑theft and trust risks.
Australia’s ASIC fined FIIG Securities AU$2.5 million (≈CNY 12 million) and ordered AU$0.5 million in costs after a 2023 breach exposed 385 GB of client data—including IDs, passports and bank details—highlighting numerous security compliance failures such as missing MFA, weak passwords, and lack of penetration testing.
A recent breach of the AI companion apps Chattee and GiMe Chat exposed over 40 million private conversations, hundreds of thousands of media files, and transaction records due to publicly accessible Kafka brokers lacking any authentication, putting user privacy and security at serious risk.
In May 2024, Dior Shanghai faced an administrative investigation for illegally transferring user data abroad, failing to obtain explicit consent, and neglecting encryption, highlighting critical compliance gaps under China’s Personal Information Protection Law and prompting a strong security reminder for data handlers.
Oracle disclosed that attackers stole data from its legacy Cloud Classic servers, posted the breach on security forums, and claimed millions of records were compromised, while the company insists its Oracle Cloud Infrastructure was never breached, prompting widespread criticism and concern.
Sonatype’s Q1 2025 Open‑Source Malware Index identified 17,954 malicious packages—including hijacked npm crypto modules, a fake Truffle for VS Code extension, and counterfeit Solana packages—revealing that 56% of these components are associated with data breaches, a sharp rise from the 26% reported in Q4 2024, and highlighting the growing prevalence of complex, threat‑laden malware such as droppers and code‑injection threats.
Oracle’s recent cloud security breach, allegedly exposing six million records from dozens of customers worldwide, has sparked FBI investigations, a class‑action lawsuit, and revelations about outdated middleware and evidence‑tampering, highlighting critical risks in cloud infrastructure and the need for stronger data protection.
Websites cannot reveal original passwords because they store only salted, one‑way hashes, not the plaintext, making recovery impossible; therefore, when users forget their credentials, the secure approach is to verify identity and issue a password reset rather than expose any stored data.
In December 2023 a massive data breach exposed over 510,000 LINE users, prompting the Japanese government to order LINE and its parent NAVER to overhaul their shared technology stack, tighten authentication, and separate their cloud infrastructures to prevent future security failures.
Recent reports reveal that misconfigured Azure storage buckets and exposed GitHub keys leaked sensitive BMW and Mercedes data, highlighting how simple cloud configuration errors can lead to massive breaches and underscoring the need for strict security controls and best‑practice cloud management.
A recent breach of Donald Trump Jr.'s X account exposed fake posts, highlighted ongoing security flaws on the platform, and underscored the broader challenges of protecting user data against sophisticated hacking attempts.
Anonymous Sudan alleges it has breached Microsoft’s servers and obtained a database containing over 30 million customer credentials, while Microsoft firmly denies any such breach, prompting widespread debate over the hacker group’s capabilities, motives, and the broader implications for information security.
A recent data breach at Renmin University's website exposed thousands of students' personal information, revealing that the hacker, a former graduate student with a strong academic record and industry experience, was arrested, highlighting serious privacy and information security concerns in China.
This comprehensive list chronicles the 70 biggest data breach incidents ever recorded, detailing dates, affected records, compromised data types, and the security failures that exposed personal information for companies ranging from social networks to financial institutions.
A former IT employee in Guangdong’s Nanhai district remotely encrypted his former employer’s server after resigning, causing a complete system shutdown and significant financial loss, prompting police to investigate the incident as a serious information‑security breach and sparking public debate about ethical use of technology.
A massive Twitter data breach exposing over 5.4 million accounts—plus a larger, undisclosed dump—highlights a six‑month‑old API vulnerability, the delayed fix, and the heightened phishing risk for millions of users worldwide.
A recent ransomware group called RansomHouse revealed that AMD suffered a massive data breach of over 450 GB due to employees using simple passwords like "admin" and "123456", highlighting the dangers of weak credentials and prompting urgent security awareness.
A U.S. hacker known as "icloudripper4you" infiltrated thousands of iCloud accounts, stole massive amounts of nude photos and videos, and was sentenced to nine years in prison, highlighting the severe impact of cyber‑crime and the FBI's commitment to prosecuting such offenses.
GitHub revealed that attackers exploited stolen OAuth tokens from third‑party services like Heroku and Travis‑CI to download private repository data, prompting a rapid revocation of tokens and ongoing investigation into the breach.
On October 4, 2021, Facebook, Instagram, and WhatsApp suffered a six‑hour global outage caused by a DNS failure, wiping $60 billion from Mark Zuckerberg’s wealth, prompting stock drops, data‑sale rumors, and political calls for a breakup of the tech giant.
In July, security researcher Bob Diachenko uncovered an exposed Elasticsearch cluster leaking nearly two million personal records—including passport details and no‑fly indicators—highlighting the severe impact of unsecured Elasticsearch deployments and offering recommendations to prevent future breaches.
In September 2022, Nantong police uncovered China's first nationwide case of illegal WeChat user data harvesting using a "clean fan" application, leading to the arrest of eight suspects who were convicted for illegally obtaining computer system data and controlling systems, highlighting severe information security risks.
The article recounts a high‑profile Chinese case where a former developer, after a salary dispute, exploited server vulnerabilities to delete critical user data and application files, leading to massive user impact, a court trial, and an eleven‑month prison sentence under computer‑information‑system sabotage laws.
A former Facebook engineer serving as Gab's CTO introduced a simple SQL injection flaw, which hackers exploited to steal data from 15,000 users, prompting a $500,000 ransom demand, code deletion, and a heated debate over CTO responsibilities and security best practices.
This article reviews nine major data breach incidents—from Clearview AI to Yahoo—detailing their scope, compromised data types, and impact, and emphasizes the importance of robust security practices for developers to prevent such losses.
The article explains why the rare password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, presents statistics on common passwords, and offers expert advice on crafting secure, long, and varied passwords.
The article explains how ransomware gangs steal MySQL databases, automate ransom‑payment portals on the dark web, auction unsold data, and accept Bitcoin, revealing the scale of over 85,000 databases for sale at roughly $500‑$550 each.
In February 2020, a core operations engineer at Micro-Alliance maliciously deleted the company's production databases, causing over ten billion yuan in market loss, massive user disruption, and a six‑year prison sentence, while highlighting broader industry risks and the need for stronger security controls.
A misconfigured ElasticSearch server owned by Microsoft leaked millions of Bing mobile app search queries, location data, device IDs and other details, exposing users worldwide to phishing, ransomware and even robbery risks, while Microsoft claims the breach affected only a small amount of non‑identifiable data.
A recent investigation revealed that an unsecured server containing more than 6.5 TB of user data from Bing’s iOS, iPadOS, and Android apps was exposed, allowing attackers to harvest nearly 100 million records and launch destructive “Meow” attacks that nearly wiped the Elasticsearch database.
A massive breach exposed over 6.5 TB of Bing mobile app data—including search queries, location coordinates, device identifiers, and URLs—on an unsecured Elasticsearch server, putting iOS and Android users at risk of fraud, phishing, and physical threats, while highlighting common causes of such leaks.
This article reviews major 2020 data breach incidents worldwide, shows how to check if your accounts appear on the dark web using HaveIBeenPwned, and offers practical advice on password reuse and recommended password‑manager tools to protect your online identities.
The article lists major 2020 data‑breach incidents worldwide, explains how to use HaveIBeenPwned to discover whether your credentials have been exposed, and offers practical advice on password hygiene and reliable password‑manager tools to protect your online accounts.
A recent investigation uncovered a 1.2 TB leak containing personal data of up to 20 million users from seven VPN services that claim to keep no logs, revealing email addresses, passwords, IPs, device details, and connection logs, and prompting urgent security recommendations.
The article explains the recent Weibo data breach, describing how attackers used credential‑stuffing (撞库), data leakage (漏水), database dumping (拖库) and data laundering (洗库) to obtain millions of user records, the technical steps involved, and the security implications for both users and platforms.
In late February 2023, a core operations engineer at Weimob maliciously accessed the internal network and deleted production data, causing a 24‑hour outage of numerous merchant mini‑programs, leading to over HK$1 billion in market value loss and prompting legal action.
A Chinese SaaS provider suffered a catastrophic data loss when a core operations employee maliciously deleted its production databases, prompting emergency repairs, police involvement, and a multi‑day recovery effort that exposed critical gaps in permission management and backup strategies.
A recent ElasticSearch breach exposed 2.7 billion email addresses, one‑billion plain‑text passwords and hundreds of thousands of birth‑certificate copies, highlighting persistent security gaps in cloud‑based search services despite growing corporate safeguards.
Facebook faces a wave of legal and regulatory scrutiny after the DC Attorney General sued the company over alleged privacy violations tied to the Cambridge Analytica scandal, while new reports reveal extensive data‑sharing agreements with over 150 tech firms and multiple recent data breaches affecting tens of millions of users.
A recent dark‑web sale revealed that over 500 million records from dozens of Huazhu hotel brands—including personal IDs, booking details, and login credentials—were compromised, prompting urgent security advice and highlighting the growing risks of large‑scale data breaches.
In early June, AcFun announced a massive hack that leaked nearly ten million user records, including IDs, nicknames and encrypted passwords, urging users—especially those who haven’t logged in since July 2017 or use weak passwords—to change them immediately, while noting that the data is already being sold on the dark web.
The Facebook‑Cambridge Analytica scandal exposed the illicit harvesting of 50 million users' data, political manipulation allegations, multiple investigations, a sharp stock plunge, executive resignations, and heightened global scrutiny of data‑privacy practices.
From Hearthstone’s dual‑database crash to Uber’s massive data breach, this 2017 Linux operations roundup chronicles twelve critical incidents—highlighting backup failures, Docker rebranding, ransomware, BGP hijacking, and more—offering key lessons for sysadmins and DevOps professionals.
Thousands of MongoDB databases were erased and replaced with ransom demands, yet almost no victims recovered their data, highlighting widespread misconfigurations, public exposure on Shodan, and the urgent need for proper security hardening of MongoDB deployments.
The article explains how weak passwords, misconfigured services like Redis, careless port changes, and leaked data enable attackers to compromise servers and internal networks, illustrating each risk with real‑world case studies and offering practical mitigation advice for robust ops security.
This article outlines why proactive information‑security preparedness, cross‑department response teams, and clear incident‑response checklists are essential for minimizing damage and maintaining trust when a data breach occurs.
