Data-Leaking Ransomware Report - Healthcare 2025

Welcome to a special DLR Report solely focused on the Healthcare Sector, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed in the Healthcare Sector in 2025.

DBD discovered and researched 460 Global Ransomware Victims over 51 Countries and Islands, including 312 US Ransomware Victims over 47 States and Districts, claimed by 75 Data-Leaking Ransomware Operators in the Healthcare Sector in 2025, further details of which can be found in our PRiSM application.

Download PDF



Data Source: Data Breaches Digest.

Ransomware Operator Claims - Week 7 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 9th February and 15th February 2026, kindly assisted by our partners.

DBD discovered and researched 206 Ransomware Victims over 47 Countries and Islands claimed by 37 Data-Leaking Ransomware Operators, including 2 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 8 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th February and 22nd February 2026.

19th February

Hacker accesses info on 1.2 Million French bank accounts

18th February

Abu Dhabi data leak exposes David Cameron, Alan Howard

Abu Dhabi Finance Week Data Leak Exposes Global Figures’ Passport Information in Cloud Server Lapse

Abu Dhabi Finance Week Hit By Passport Data Breach, Scans Of Global Investors Found On Open Server

Abu Dhabi Finance Week says data breach dealt with

Abu Dhabi Finance Week says data breach swiftly ‘dealt with’

Academic Urology & Urogynecology of Arizona Data Breach Affects 73K Patients

Aeromedical Society of Australasia confirms cyber incident following LockBit ransomware claims

AI Assistants Used as Covert Command-and-Control Relays

Amwill Healthcare Data Breach: Account Data Compromised, Firm Investigates

‘An all-time high’: Number of ransomware groups exploded in 2025 as victim growth rate doubled - with Qilin dominating the landscape

Angolan Journalist Teixeira Candido Targeted with Predator Spyware in Surveillance Campaign

Arctic Wolf Threat Report Highlights 11x Growth in Data Extortion Incidents and Continued Dominance of Ransomware

Arctic Wolf Threat Report Highlights Growth in Data Extortion Incidents

Atlas Transfer & Storage Co. Data Breach: SSNs, Financial Information, and More Exposed

Attackers Deploy Dormant Backdoors in Ivanti EPMM to Bypass Patching of Latest 0-Days

Australian fintech platform youX confirms data breach as hacker shares massive dataset online

Beeja Meditation Data Breach Exposes Customer PII and Payments

Booking.com Phishing Campaign Hijacks Hotel Accounts to Defraud Guests

Canadian Investment Regulatory Organization’s (CIRO) faces second potential class action following data breach

China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)

Chinese APT Group Exploits Dell Zero-Day for Two Years

CISA Flags Four Security Flaws Under Active Exploitation in Latest Known Exploited Vulnerabilities (KEV) Update

Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody

Conduent Data Breach: Overview and What to Know

Conduent Data Breach Exposes Over 25 Million Americans

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical Log Poisoning Vulnerability in OpenClaw AI Allows Content Manipulation

Critical Privilege Escalation Flaw Discovered in Windows Admin Center

Crypto Tax Platform Waltio Suffers Data Breach, User Data Exposed

Cryptojacking Campaign Exploits Driver to Boost Monero Mining

Cyber Attack on Dutch Telecom Giant Odido Exposes Customer Data of 6.2 Million

Cyber attackers hide their tracks by exploiting firewalls

Cyber insurers on alert as Qilin claims fresh victim and 40GB data theft

Data Breach at Abu Dhabi Conference: High-Profile Passport Leak Exposed

Data breach at Abu Dhabi finance summit exposes politicians’ details

Data breach at fintech firm Figure affects nearly 1 million accounts

Data breach at fintech giant Figure affects close to a million customers

Data breach lawsuits filed against Progressive Auto Group in Massillon

Data-Breach ‘Transparency Is on Life Support’

Data-only extortion surges as remote access abused

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

Deutsche Bahn suspects Russian meddling behind recent IT outage

Disney+ “Billing Details” phishing scam coming for your account info

Docs reveal significant increase in ICE data stored on Microsoft cloud: What info is it collecting?

Eurail admits breach: alleged passenger data spills onto the dark net

Everyone uses open source, but patching still moves too slowly

Federal agencies ordered to patch Dell bug by Saturday after exploitation warning

Fintech lender Figure hit by data breach impacting 967k accounts

Firebase Misconfiguration Exposes 300 Million Messages From Chat & Ask AI Users

Firewalls exploited in 90 percent of ransomware incidents

Former British Prime Minister David Cameron among hundreds hit by Abu Dhabi data breach

France reports data breach affecting 1.2 million bank accounts

Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say

Global data leak exposes a billion personal records: IDs, emails, addresses exposed

Global Leaders, Executives Exposed in Data Leak

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Growth in Data Extortion Incidents and Continued Dominance of Ransomware

Hacker accessed data from 1.2 million bank accounts, French Economy Ministry says

Hacker claims access to $120 Billion insurer, but experts see credibility red flags

Hacker releases data after claiming to have accessed 'hundreds of thousands' of Australians' loans, driver's licences

Hackers Exploit QR Codes To Spread Phishing and Malware Across Mobile Phones

How a ransomware attacker thinks

How Security Operations Will Fundamentally Change in 2026

Identity is the new cyber attack surface

IFL Group Suffers Data Breach by Anubis Ransomware Group

India: 3,195 Cyberattacks Every Week - AI-Powered Hackers Raise Alarm

Kaspersky Detects 144 Million Dangerous Email Attachments in 2025

Langley Twigg Law provides update on January ransomware incident

Latin America sees sharp rise in ransomware, hacktivist attacks in 2025 amid expanding fraud and phishing threats

Loan applications, drivers licences, personal data of 440k Australians exposed after hacker hits Sydney finance tech company youX

LockBit 5.0 ransomware targets Windows, Linux, ESXi

Malicious Gemini AI Chatbot Sells Fake Google Coin in Scam Campaign

Managed Care Advisors and Sedgwick Notify Patients of Ransomware Attack

Massive data breach by New Jersey company that exposed millions being investigated as lawsuits are filed

MetaMask Users Targeted by Phishing Emails with Fake Security Report to Bypass Detection

MetaMask Users Targeted with Phishing Emails Containing Forged Security Report to Evade Detection

New backdoor found in Android tablets targeting users in Russia, Germany and Japan

New Carding-as-a-Service Marketplaces Fuel Surge In Credit Card Fraud

New Phishing Campaign Exploits Booking.com Partners, Targets Customers in Multi-Stage Fraud Scheme

New Phishing Campaign Targets Booking.com Partners and Customers in Multi-Stage Financial Fraud Scheme

North Central Behavioral Health Systems (NCBHS) Data Breach Exposes Sensitive Information

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ releases another patch following recent cyberattacks

Notepad++ secures update channel in wake of supply chain compromise

Nothing nice about this ‘Gentlemen’

Now firewalls being exploited to launch Ransomware Attacks

0APT ransomware crew makes embarrassing splash

One stolen credential is all it takes to compromise everything

Panera Bread data breach exposes 5.1 million customers

Phishing Kits Doubled in 2025

Phobos Ransomware Affiliate Arrested in Poland in Global Crackdown

Predator spyware used to infect phone belonging to Angolan journalist, report says

Prompt Control is the New Front Door of Application Security

Railway Resilience: Deutsche Bahn Recovers from Cyber Attack

Ransomware protection for all: How consumption-based subscription models can lower the entry point for cyber resilience

Ransomware surge in 2025 exposes mounting OT risk as industrial impacts outpace IT narratives

Ransomware victims refuse to pay as data extortion soars

Record Number of Ransomware Victims and Groups in 2025

Record ransomware surge as 7,458 victims named in 2025

Safran S.A. Data Breach Exposes Aerospace Supply Chain Records

Scammers exploit trust in Atlassian Jira to target organizations

Securin 2025 Ransomware Report Finds AI Accelerating, Not Replacing, Human-Led Attacks

Spanish police arrest hacker who booked luxury hotels for one cent

Substack Breach May Have Leaked Nearly 700,000 User Details Online

Telegram channels expose rapid weaponization of SmarterMail flaws

Temu engages Nigeria Data Protection Commission (NDPC) on data breach allegations

Texas sues TP-Link, alleging it allows China to hack into routers

That’s not our admin: The blind spots that open doors to attackers

The defense industrial base is a prime target for cyber disruption

The era of the Digital Parasite: Why stealth has replaced ransomware

Threat actor posts allegedly sensitive data related to Safran Group, company denies cyberattack

Threat Actors Target Iran Protest Supporters with New Malware in Cyberespionage Campaign

Threat groups using AI to speed up and scale cyberattacks

Unsecured cloud server at Abu Dhabi Finance Week exposes passports of global leaders and investors

Wonder Rates Data Breach Exposes Sensitive Mortgage Data

youX confirms data breach after hacker publishes sample of stolen loan application records

Zero-Day in Dell RecoverPoint Exploited by Chinese Hacker Group

17th February

15 OpenClaw Security Flaws Disclosed as AI Agent Platform Sees Rapid Enterprise Adoption

80% of Att&Ck Mitre Techniques Now Dedicated to Evasion and Persistence

ACBuy Data Breach Exposes Over 250K Customer Records

Adidas Data Breach: Hacker Group Warns of Another Attack Soon

Adidas Extranet Data Breach Exposes 815,000 Records

AI Is Supercharging Cyberattacks. What Schools Need to Know and Do

Amazon’s Ring Scraps Law Enforcement Integration Amid Surveillance Conflagrations

Australia: Federal Court hits FIIG Securities with $2.5m fine after data breach

Australian hospitality group confirms cyber incident, claimed by Kairos ransomware

Broad phishing campaign involves Fortune 500 company impersonation

Can Antivirus Software Detect And Remove Ransomware?

Canada Goose data breach exposes 582,000 customer emails and data

Canada Goose says leaked customer transaction data did not come from company systems

ChatGPT's new Lockdown Mode can stop prompt injection - here's how it works

Chinese hackers exploiting Dell zero-day flaw since mid-2024

CleanTalk WordPress Plugin Vulnerability Puts 200,000 Sites at Risk

ClickFix Infection Delivers Matanbuchus 3.0 Malware and New AstarionRAT in High-Speed Intrusion

Conduent Data Breach: US Tech Contractor Cites More Leaks Apart From 25 Million People Already Affected

Conduent Data Breach Exposes Over 25 Million Americans

Critical Apache NiFi Vulnerabilities Enable Authorization Bypass

Cross-platform LockBit 5.0 ransomware examined

Cybercriminals Behind 0APT Ransomware Claim 200 Attacks, Provide No Data

Dark Web Profile: Sinobi Ransomware

Darknet marketplaces increasingly tap into top privacy coin Monero

Data breach hits sex toy firm Tenga

Data Breach Impacts Over 181,000 New Hampshire Residents

Data Breach Shocks Millions: Over 25 Million Americans’ Personal Information Exposed

Data Extortion Incidents Surged As Ransomware Dominated 2025

Data-only extortion grows as ransomware gangs seek better profits

Delaware high court rules for insurers in ransomware case

Delaware Supreme Court revives insurer claims in Blackbaud ransomware case

Design weaknesses in major password managers enable vault attacks, researchers say

Dutch man receives wrong link from police, downloads secret files and gets arrested

Dutch police arrest man who refused to delete confidential files shared by mistake

Eurail confirms stolen traveler data is on sale in the dark web - and it still doesn't know who is behind the attack

Eurail data breach: Stolen information offered on dark web

European Parliament blocks AI on lawmakers’ devices, citing security risks

European Union: Personal data, breach reporting, and AI governance

Evolving ransomware tactics with AI-enhanced attacks and ransomware as a service

Figure Technology Solutions: 2.5GB Data Breach Exposes PII

Firmware-level Android backdoor found on tablets from multiple manufacturers

Flaws in popular VSCode extensions expose developers to attacks

Fraudsters Target Ledger and Trezor Users by Post

Global report charts rise in ransomware attacks

Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails

Hackers claim Canada Goose breach but researchers reveal data is “several years old”

Hackers sell stolen Eurail traveler information on dark web

Hackers Send Physical Phishing Letters Impersonating Trezor and Ledger to Trick Users

Hackers target supporters of Iran protests in new espionage campaign

Hackers Target Winter Olympics 2026 Fans With Fake Online Shops

Hardware Wallet Owners Hit With Snail Mail Phishing Campaign

India’s Largest Pharmacy Exposes Customer Personal Data and Internal System Access

Indian pharmacy chain giant exposed customer data and internal systems

Infostealer Targets OpenClaw to Loot Victim’s Digital Life

Intellexa’s Predator spyware used to hack iPhone of journalist in Angola

Japanese Sex Toy Firm Tenga Suffers US Data Breach

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

Kenyan authorities used Cellebrite to break into phone of dissident

Lapsus$ gang claims Adidas breach and warns "something bigger is coming"

Ledger and Trezor Users Targeted by Sophisticated Physical Phishing Campaign

LockBit Ransomware Unleashes Devastating 5.0 Version Targeting Windows, Linux, and ESXi

Low-Skilled Cybercriminals Use AI to Perform "Vibe Extortion" Attacks

Lynx Attack Hits Powers Miller, Goff Backa Alfera, 123LUMPSUM

Major Cloud Password Managers Vulnerable to Recovery Attacks: Bitwarden, LastPass, and Dashlane

Man Linked to Phobos Ransomware Arrested in Poland

Marshal Renee Construction Hit By Securotrop Ransomware

“Messages Held” phishing emails target Microsoft 365 passwords

Mexico Rises to 11th Globally in Ransomware Attacks

Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Mobiuz Denies Reports of Large-Scale Data Breach Following Hacker Claims in Darknet

New Keenadu backdoor found in Android firmware, Google Play apps

Nigeria: Department of State Services (DSS) Files Charges Against Former Kaduna State Governor Nasir El-Rufai Over Alleged National Security Adviser (NSA) Phone Interception

Nigeria Data Protection Commission (NDPC) opens investigation into Temu’s alleged data breach in Nigeria

Nigeria Data Protection Commission (NDPC) probes Temu over alleged data breach involving 12.7 million Nigerians

Notepad++ boosts update security with ‘double-lock’ mechanism

Number of ransomware victims hits record high

0APT Ransomware Group Claims 200 Victims but Fails to Deliver Any Real Data

0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof

Operational Technology (OT) teams are losing the time advantage against industrial threat actors

Over-Privileged AI Drives 4.5 Times Higher Incident Rates

Phishing Kit Hosted on Legitimate Cloud and CDN Platforms Targeting Microsoft and Google Users

Phobos ransomware affiliate arrested in Poland

Poland arrests suspect linked to Phobos ransomware operation

Polish authorities arrest alleged Phobos ransomware affiliate

Polish cops nab 47-year-old man in Phobos ransomware raid

Polish cybercrime Police arrest man linked to Phobos ransomware operation

Polish police detain alleged cybercriminal with Phobos ransomware ties

Poorly crafted phishing campaign leverages bogus security incident report

Qilin ransomware claims hack of Mount Barker Co-operative

QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices

QR Codes Used to Spread Phishing Attacks and Malicious Apps Across Mobile Devices

Quishing on the Rise: QR Codes Emerge as a Major Mobile Phishing Vector

Ransomware Attack Disrupts Online Payments in Marietta, Georgia

Ransomware Groups Claimed Record Number of Victims in 2025 with 30% Annual Increase

Ransomware in transport: why downtime now costs more than fuel

Ransomware “Supergroups” Emerge After Record‑Breaking Year of Attacks

Ransomware’s 30% surge: Why 2026 is already more dangerous than 2025

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Scammers Send Physical Letters to Ledger and Trezor Users in Latest Phishing Attempt

Shelly to release firmware update to address flaw in smart home devices

Significant Rise in Ransomware Attacks Targeting Industrial Operations

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Space Bears Ransomware Hits Kymco & Wagner Metal Concept

Substack data breach exposes emails and phone numbers

Texas Attorney General investigates massive data breach affecting 4 million residents

The Copilot Problem: Why Internal AI Assistants Are Becoming Accidental Data Breach Engines

The European Commission Data Breach Compromises Infrastructure for Managing Mobile Devices

Think You’re Too Small to Be Hacked? National Cyber Security Centre (NCSC) Says Think Again

Top 20 Healthcare Data Breaches of 2025

Top Japanese hotel brand reveals cyberattack - Washington hotels hit by ransomware

University of Pennsylvania Data Breach Exposes Data of Almost 624,000 Individuals, Including Donors

Washington Hotel in Japan confirms ransomware attack, business data exposed

Washington Hotel in Japan Hit by Ransomware Attack

Washington Hotel in Japan hit by ransomware attack, business data exposed

Washington Hotel Located in Japan Suffers Ransomware Attack

Washington Hotel Suffers Ransomware Attack, Systems Disrupted

Why AI Is a Big Problem for School Cybersecurity

Why Healthcare Became Ransomware’s Favorite Target: A $4.4M Lesson Every CISO Needs

Why Ransomware Remains One of Cybersecurity’s Most Persistent and Costly Threats

Why you’ve already been targeted by ‘Smishing’

Wrongly sent emails 'most common data breach' in Guernsey

Your encrypted data is already being stolen

ZeroDayRAT Malware Strikes Android and iOS Devices for Real-Time Spying

16th February

AI Agent Targets OSS Maintainers with Autonomous Pull Requests, Bypassing Human Detection

AI and RaaS Alter Threat Landscape, New Ransomware Groups Grow by 30%

AI-fuelled supply chain cyber attacks surge in Asia-Pacific

AI-Powered Phishing Attacks Surge in 2025

Apple privacy labels often don’t match what Chinese smart home apps do

Blockchain fintech giant Figure hit by data breach, says 'limited number of files' impacted

Brazilian Crowdfunding Platform APOIA.se Data Breach Exposes Over 450,000 Users

Canada Goose confirms data leak - around 600,000 customers thought to be affected

Cempa Community Care Data Breach Exposes Social Security Numbers

ChatGPT gets new security feature to fight prompt injection attacks

Chinese Bots Targeting Websites of Government Portals, Paranormal Activity Blogs

Chrome browsers under attack as Google releases emergency patch for zero-day exploit

CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover

CISA gives federal agencies 3 days to patch actively exploited BeyondTrust flaw

City of Marietta hit by nationwide ransomware attack

Critical SCCM Vulnerability Turns Enterprise Management Tools Into Prime Hacker Targets

Critical Thinking Erosion: A Hidden Threat to Security Career Resilience

Cyble Threat Report Flags Supply Chain Ransomware Risk

Data breach at Odido: responsibility and compensation under discussion

Data Breach Settlements Agreed by Centrelake Medical Group & Des Moines Orthopaedic Surgeons

Disney agrees to record $2.75 million CCPA fine over opt-out violations in California

DragonForce ransomware group targeted 363 companies in just two years

Dutch operator suffers a 6 million account data breach

Eurail says stolen traveler data now up for sale on dark web

Everest ransomware gang claims Atlas Air breach, warns Boeing data at risk

Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape

Fake ‘Antivirus’ App Spreads Android Malware, Steals Banking Credentials

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

Figure Technologies Data Breach: Blockchain Fintech Giant Exposed by Phishing Attack

Flagship Bank Data Breach Exposes Social Security Numbers

Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix

Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug

Google identifies Gemini use in cyberattacks, phishing, malware development

Google patches Chrome vulnerability with in-the-wild exploit (CVE-2026-2441)

Google patches first Chrome zero-day exploited in attacks this year

Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day

Government Data Breach Sparks Fears Millions May Need New Social Security Numbers

Hacker Seized Laptop Through AI App With Zero Clicks

High-Severity Chrome 0-Day Vulnerability Enables Remote Code Execution

How Nigeria’s 24-Hour Data Breach Notification Rule Protects Mobile Users

INC Ransomware Data Breach Hits Nang Kuang Pharmaceutical

India Faces Cyber Attack Surge: Over 3,100 Weekly Cyberattacks as AI-Driven Automation Transforms Digital Threat Landscape

Infostealer Evolves to Target AI Agents, OpenClaw Configurations

Infostealer malware found stealing OpenClaw secrets for first time

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Jamaica: KPMG reports data breach

Japanese sex toys maker Tenga discloses data breach

Ledger and Trezor Users Security Alert: Seed Phrase Phishing Attempts Sent by Mail

LockBit 5.0 Emerges: Cross-Platform Ransomware Now Targeting Windows, Linux, and ESXi Systems

LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi

LockBit’s New 5.0 Version Attacking Windows, Linux and ESXI Systems

London: Tube passengers targeted in text scam, court told

Man arrested for demanding reward after accidental police data leak

Maze ransomware: How it works and how to stay protected

Mobi UZ Data Breach: Complete Corporate Network Compromise

Most ransomware playbooks don't address machine credentials. Attackers know it

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released

New phishing campaign weaponises fake video conference invites

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Nigeria Data Protection Commission (NDPC) investigates Temu for alleged data breach

Nigeria Data Protection Commission (NDPC) probes e-commerce platform Temu over data breach

Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics

Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures

North Korean hackers target users of top Ethereum wallet MetaMask

Odido Breach Impacts Millions of Dutch Telco Users

Odido hackers pretended to be an IT employee to breach corporate system

Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft

Ordre des experts-comptables de Bretagne Hit by 859GB Data Breach

Over 500,000 VKontakte (VK) accounts hijacked through malicious Chrome extensions

OysterLoader Evolves With New C2 Infrastructure and Obfuscation

Phishing Attacks Leverage Zoom, Teams, Google Meet Invites

Phishing Binance: the fake ‘Additional Verification Required’ email targeting users’ credentials

Phishing Lures Spread XWorm Remote Access Trojan

Ransomware Attacks on schools diminished in the year 2025

Ransomware Attacks Surge 30% Globally, US Remains Primary Target

Ransomware gangs are using employee monitoring software as a springboard for cyber attacks

Ransomware Surges 30% Above 2025 Average; Supply Chain & ICS Threats Rise

Researchers Uncover OysterLoader, an Advanced Obfuscated Loader Powering Rhysida Attacks

Rhysida Ransomware Delivered via Fake PuTTY and Google Authenticator

Rising Phishing Campaigns Linked To Dreamflow.app

Sex toy firm hit by data breach - Tenga says hacker infiltrated systems, stole customer data

SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks, National Cyber Security Centre (NCSC) Boss Warns

Staying Safe From Crypto Phishing Attacks in 2026

Steel Encounters Data Breach Exposes Social Security Numbers

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

The Olympics Are Going Mobile - Your Security Strategy Has to Follow

Tulsa Airport Data Breach: What the Tulsa Airports Improvement Trust (TAIT) Security Incident Means for Travelers and Aviation Privacy

US: Nationwide ransomware attack disrupts online business license payments in Marietta

Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords

Washington Hotel in Japan discloses ransomware infection incident

youX Data Breach: Australian FinTech Platform Compromised

Ransomware Operator Claims - Week 6 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 2nd February and 8th February 2026, kindly assisted by our partners.

DBD discovered and researched 182 Ransomware Victims over 38 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators, including 2 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 7 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 9th February and 15th February 2026.

15th February

AI phishing in 2026: How to spot new attack when grammar is perfect

Canada Goose investigating as hackers leak 600K customer records

Cyberattacks top risk rankings across G7 countries

Interpol backroom warriors fight cyber criminals 'weaponising' AI

Ledger and Trezor customers face new phishing campaign

Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Phishing, Smishing, or Vishing? Learn How Fraudsters Empty Your Bank Account

South Korea: Phishing Campaign Targets Corporate Email Users With Government Impersonation

14th February

287 Chrome Extensions Caught Harvesting Browsing Data from 37 Million Users

Blockchain lender Figure confirms data breach

Blockchain Lender Figure Suffers Devastating Data Breach After Insider-Enabled Hack

Breach fatigue grows as phishing and account takeovers get harder to spot

China’s covert cyber attack platform targets critical infrastructure of neighbouring nations

Doorbell surveillance backlash intensifies after Ring scraps Flock deal, FBI retrieves ‘inactive’ Nest footage

Feeling lonely on Valentine's? Attorneys have a crypto warning for you

Figure Technologies Data Breach: ShinyHunters Exposes Customer Info at Public Blockchain Lender

Fintech firm Figure disclosed data breach after employee phishing attack

Homeland Security reportedly sent hundreds of subpoenas seeking to unmask anti-ICE accounts

Jeffrey Epstein spent years building ties to well-known hackers

Looking for love this Valentine’s Day? US romance scam hotspots revealed

Marietta Businesses Face Payment Disruptions Due to Ransomware Attack on BridgePay Network Solutions

New Dark Web Forum “Kurd Hacker Forum” Emerges Targeting Middle Eastern Data Breaches

Nigerian Communications Commission (NCC) Orders Telcos Inform Subscribers of Data Breach within 48 Hours

Odido Reports Major Data Breach Affecting Lakhs

One threat actor responsible for 83% of recent Ivanti RCE attacks

Publicly Traded Blockchain Lender Figure Confirms Customer Data Breach

Snail mail letters target Trezor and Ledger users in crypto-theft attacks

13th February

8,000+ ChatGPT API Keys Left Publicly Accessible

Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks

AI-Driven Phishing and QR Code Quishing Surge in 2025 Spam and Phishing Report

AI-driven ransomware attacks surge, most go unreported

Atlas Air dismisses Everest ransomware attack claims

Attackers are moving at machine speed, defenders are still in meetings

Canandaigua Emergency Squad Warns About Email Phishing Attempt

Check Point Warns of 44% Surge in Valentine’s Day Phishing Ahead of 14th February

Chez Switch Data Breach Exposes 19,000 Customer Records

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks

CISA Warns of Actively Exploited SQL Injection Flaw in Microsoft Configuration Manager

Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Coupang denies allegations that hacker tried to blackmail company with list of adult product customers

Coupang Denies Blackmail Claims Over Data Breach

Cyber risk is becoming a hold-period problem for private equity firms

D&L Parts Data Breach Exposes PII

Data Theft Surges to 96% of Ransomware Attacks

Dragonforce Ransomware Breaches Yelete Group and Empire Express

Dutch Telecom Giant Odido Announces Data Breach Exposing 6.2 Million Customers’ Sensitive Information

Dutch Carrier Odido Discloses Data Breach Impacting 6 Million

Dutch Telecom Operator Odido Suffers Major Data Breach Affecting Over 6 Million Accounts

Emergency Medical Services Authority & Compassion Health Care Settle Data Breach Litigation

Europe may roll back some of its strict privacy rules

Even ransomware actors tire of complicated encryption

Fake AI Assistants in Google Chrome Web Store Steal Passwords and Spy on Emails

Fake job recruiters hide malware in developer coding challenges

Fintech lending giant Figure confirms data breach

First Contact Health in Guernsey makes changes after data breach

Frisco Utility Bills: Online Payments Down From Ransomware; City Waives Penalties

Gmail Users Beware: Scary ‘Subpoena’ Email Scam Strikes Hard

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Guernsey: Data Protection Authority sanctions First Contact Health following phishing breach

Gustave Data Breach: Fleet Management Database for Sale

Hacker Linked to Epstein Removed from Black Hat Conference: Vincenzo Iozzo Scrubbed from the Website

Hackers haven’t replaced humans with AI yet, but they’re certainly trying

Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)

Hefty sanctions against Louis Vuitton, Christian Dior and Tiffany: luxury brands fined billions for massive data leaks

IcedID malware creator fakes own death to escape FBI, still gets busted

Increased email spam & phishing threats in APAC region detected

Indian pharmacy chain giant exposed customer data and internal systems

Industrial Ransomware Threats Are Escalating

Issaqueena Pediatric Dentistry PA Data Breach Exposes PHI and PII

Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches

Major hack of Dutch telco Odido was a classic case of social engineering

Major telco breach sees 6.2 million users have personal info leaked - here's what we know so far

Malicious Chrome Extensions: AiFrame Exploits AI Popularity, Another Steals Meta Business Suite Data

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Max Messenger: A fake data breach with genuine consequences

Millions of smart homes at risk as Shelly flaw lets hackers open doors and garages

Most Security Incidents Involve Identity Attacks

Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third

Municipalidad Distrital de Mejía Data Breach Exposes Citizen Form Data

MV Financial Data Breach Exposes SSNs and other PII

Nassau OOGP Vision Group Data Breach Affects Customers

New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection

New XWorm RAT Campaign Uses Themed Phishing Lures and CVE‑2018‑0802 Excel Exploit to Evade Detection

Nigeria: 23 victims freed from scam slavery - death and organ harvesting for missed quotas

North Dakota School District Loses $4.9 Million to Email Scam

Odido CRM Data Breach Exposes 6.2 Million Customer Records

Odido cyberattack exposes personal data of 6.2 million customers in the Netherlands

OysterLoader Evasion Tactics Exposed: Advanced Obfuscation and Rhysida Ransomware Ties Uncovered

OysterLoader Multi‑Stage Evasion Loader Uncovered with Advanced Obfuscation and Rhysida Ransomware Links

Peabody alerts residents about data breach. Expert says cities and towns are "treasure trove" for hackers

Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet

Police arrest distributor of JokerOTP password-stealing bot

Progress Foundation Data Breach Exposes SSNs

Qilin attack-related breach confirmed by Conpet

Qilin ransomware gang claims theft of 1TB of data from Romania’s oil pipeline operator Conpet

Ransomware attacks increase against IT and food sectors

Ransomware attacks up almost 50 percent in 2025

Ransomware Groups Claimed 2,000 Attacks in Just Three Months

Ransomware Hackers Targeting Employee Monitoring Software To Access Computers

Report highlights supply chain attack threat

RES Exhibit Services Data Breach Exposes SSNs, Financial Details, and More

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Ring ends partnership plans with Flock days after privacy blowback from Super Bowl ad

Safeguarding Solar Energy Through Smarter Cybersecurity

Sex toys maker Tenga says hacker stole customer information

Should you pay ransomware actors?

Siem Srl Targeted by SpaceBears Ransomware Attack

Sophisticated RustyRocket malware added to WorldLeaks ransomware’s arsenal

South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures

South Korea fines LVMH brands $25 million over customer data breach

South Korea publishes investigation results into Coupang data breach

State College Borough investigating cyber attack that impacted services

State-Backed Hackers Use Gemini AI for Cyberattacks Aimed at Cyber Espionage

Substack Data Breach Leaks Nearly 700,000 User Records

Surge in AI-Driven Phishing Attacks and QR Code Quishing in 2025 Spam and Phishing Report

Terra Holdings Data Breach Exposes SSNs

Texas attorney general launches investigation into Conduent breach

Texas Probes Massive Health Data Breach Impacting Millions

The $17 Billion Wake-Up Call: Securing Crypto in the Age of AI Scams

The Gentlemen Ransomware Hits Autostrad & Emirates National Group

Two teenagers accused of 'highly sophisticated' £39 million cyber-attack on Transport for London (TfL) are kept behind bars as trial date is confirmed

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Valentine’s Day 2026: Inside the Industrial-Scale Romance Scam Economy

Vanguard Data Breach Exposes Social Security Numbers

Viral AI Caricatures Highlight Shadow AI Dangers

Welcome Savings Bank Seomyeon branch prevents 16 million won voice phishing loss

What Interoperability in Healthcare Really Means for Security and Privacy

Why secure Operational Technology (OT) protocols still struggle to catch on

Windows LNK exploits allow malicious payload deployment

Windscribe Confirms Dutch Authorities Seized One of Its VPN Servers

Winona County gives update on ransomware incident affecting computer network

Winona County provides update on recent ransomware attack

WIRX Pharmacy Data Breach Exposes PHI and PII

York City cyberattack prompted $500K ransom payout, former mayor says

12th February

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

42,900 OpenClaw Exposed Control Panels and Why You Should Care

A Match Made in Heaven: How Valentine’s Day Fuels Seasonal Phishing Attacks

After Poland cyberattacks, CISA warns US energy sector to change default passwords

AI is Supercharging Romance Scams with Deepfakes and Bots

AI Skills Represent Dangerous New Attack Surface

AMOS infostealer targets macOS through a popular AI app

APGO Taiwan Data Breach: 12,000 Customer Records Leaked

ApolloMD Data Breach Impacts 626,000 Individuals

ApolloMD data breach impacts 626,540 people

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)

Atlas Air attackers warn Boeing intellectual property at risk in suspected supply chain hack

Bithumb warns against phishing posing as compensation for misdirected bitcoin

Black Hat Removes Hacker Linked To Epstein

BlackFog’s 2025 State of Ransomware Report Reveals 49% Increase in Attacks Year on Year

BQTLock and GREENBLOOD Target Organizations With Ransomware Attacks

Bryan Texas Utilities (BTU) restores credit card payments after vendor ransomware attack

California fines Disney $2.75 million for data privacy violations

Cedar Point Health Data Breach Exposes PII and PHI

Claude AI assistant is one calendar invite away from total system compromise

Cloud teams are hitting maturity walls in governance, security, and AI use

Cottage Hospital data breach exposes 1,600 personal records

Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

CryptoXScanner Data Breach - 14,000 User Records Leaked

Cyber attack on North Ferry’s payment system

Cybercriminals Exploit Employee Monitoring and SimpleHelp Tools in Ransomware Attacks

Dark Web Profile: The Gentlemen Ransomware

Data breach incidents at Yorkshire Ambulance Service 'on the rise'

Data extortion intrusions spike

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach

DragonForce Ransomware Group Expands Its Influence with Cartel-like Operations and Targeting 363 Companies Since 2023

DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023

Dutch mobile phone giant Odido announces data breach

Dutch police arrest 21-year-old for alleged involvement in JokerOTP password stealer

Dutch telco Odido suffers data breach exposing data of 6.2 million customers

EgyptAir refutes allegations of employee data breach

Fake AI Chrome extensions with 300K users steal credentials, emails

Fishman, Larsen & Callister Data Breach Exposes PII

Food and Ag-ISAC reports 82% surge in ransomware attacks as Qilin, Akira and CL0P lead campaigns against sector

Global Cyber Attacks Rise In January 2026 As Ransomware Activity Increases And GenAI-Driven Data Exposure Expands

Google Exposes AI Weaponization in Cyber Attack Wave

Google Reports State Hackers From Four Nations Exploited Its Gemini AI

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google says hacker groups are using Gemini to augment attacks - and companies are even ‘stealing’ its models

Google says hackers are abusing Gemini AI for all attacks stages

Google Says Scam Tactics Are Evolving Through AI Usage

Google Threat Intelligence Group (GTIG) Analysis Exposes Growing Cyber Threats To Military Infrastructure

Hacker linked to Epstein removed from Black Hat cyber conference website

Hacker Reveals Over 3 Billion Emails in Massive Data Leak

Hackers ditch noisy ransomware for stealthy data theft

Hackers Hijack Outlook Add-In to Steal 4,000+ Microsoft Accounts

Hackers turn bossware against the bosses

Healthcare Remains the Sector Most Targeted by Ransomware Groups as Attacks Increase 49% YOY

Huge OneFly data breach sees traveler IDs and payment details leaked

INC Ransomware Hits Tourigny, Chadwick, Aux, and HF Planners

India: How Central Bureau of Investigation (CBI) busted a national cyber gang that used thousands of illegal SIMs to dupe people

India Brings AI-Generated Content Under Formal Regulation with IT Rules Amendment

Institute for Human Resources and Services Data Breach Exposes Sensitive PII and PHI

iOS 26.3 Fixes an Important Security Flaw Exploited in Targeted Hacker Attacks. Update Now!

IRS Data Breach Sparks Outcry Over Immigration Deal

Java security work is becoming a daily operational burden

Kenya: Phone hacker busted in Eldoret with 13 stolen phones and hacking equipment

Kenya: Suspected phone hacker nabbed in Turbo as police recover flashing tools, devices

Korean units of Louis Vuitton, Dior, Tiffany fined $24.9 million over customer data leaks

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Malicious Microsoft Outlook Add-in Stole 4,000 Account Credentials and Credit Card Details

Malicious Outlook Add-In ‘AgreeToSteal’ Compromises 4,000 Accounts via Subdomain Takeover

McDonald’s faces data breach as AI recruitment chatbot shared applicants’ info

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

Microsoft Outlook Add-in Stolen 4,000 Microsoft account Credentials and Credit Card Numbers

Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack

Minnesota Sends $1.2 Million to Aid St. Paul Cyber Attack Recovery

More than half of Denmark’s municipalities warned over Google data violations

More US investors sue South Korean government over handling of Coupang data breach

Naming and shaming: How ransomware groups tighten the screws on victims

Nation-State Hackers Embrace Gemini AI for Malicious Campaigns

Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

Nonprofit health system hit by two data breaches settles class-action lawsuit for $14 Million

Odido cyber attack: Hackers gained access to 6.2 million people's data

Odido data breach exposes personal info of 6.2 million customers

Odido Telecom Suffers Cyberattack - 6.2 Million Customer Accounts Affected

Payroll Fraud: Direct Deposit Attacks Target Payroll Systems Like Workday via Social Engineering

Peabody Residents Victimized In Cyber Attack On City Systems

Personal data of 6.2 Million Odido customers breached

Personalis Data Breach Potentially Exposes PII and PHI

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

'Pinay Gold Medalist' Video Links Going Viral: What to Know About Zyan Cabrera's Clips Before Clicking

'Pinay Gold Medalist' Viral Video Links Found Mostly On Telegram? Why Scandal, Phishing Links Spread On Messaging App

Poisoning of AI Buttons for Recommendations Rise as Attackers Hide Instructions in Over 50 Web Links, Microsoft Warns

Polish hacker charged seven years after massive Morele.net data breach

Promptware - Hackers Can Use Google Calendar Invites to Stream Victims’ Cameras via Zoom

Promptware Attack Lets Hackers Weaponize Google Calendar Invites to Spy via Zoom Camera

Qilin Ransomware Breaches Sakata Seed, Conectados, Campbell Rappold, Derbez, Ducasse, and On-Point Defense

Ransomware Attacks Amplified by Employee Monitoring Software Exploits

Ransomware gang abuses legitimate software for network persistence

Repediu Data Breach Exposes Over 21 Million Customer and User Records

Romania's oil pipeline operator Conpet confirms data stolen in attack

Security experts warn Discord age checks create "identity honey pot" as teens find bypasses

Shadow AI: The Invisible Insider Threat

SmarterMail facing widespread attacks targeting critical flaws

SmarterMail flaw exploited in China-linked ransomware push

SMS and OTP Bombing Campaigns Found Abusing API, SSL and Cross-Platform Automation

South Korea confirms scale of Coupang data breach

South Korea fines Louis Vuitton, Dior and Tiffany $24.9 million over customer data breaches

Supply chain attacks now fuel a 'self-reinforcing' cybercrime economy

Suspected JokerOTP phishing tool seller arrested in Netherlands

Taiwan Government Agencies Faced 637 Cybersecurity Incidents in H2 2025

Telegram Data Breach allegedly exposes details of 200 million Users

Terry Reilly Health Services Data Breach: 5,421 Affected

Texas attorney general investigates massive data breach affecting 4 million Texans

The FBI Recovered “Deleted” Nest Cam Footage - Here’s Why Every CISO Should Panic

The Gentlemen Breaches Clark Foam, Ghana Bauxite, Thammasat, Erg Otoyol, and WCT Holdings

The Mortgage Firm Data Breach Exposes PII

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

Threat Actors Leveraging Employee Monitoring and SimpleHelp Tools to Deploy Ransomware Attacks

Time to Exploit Plummets as N-Day Flaws Dominate

Toll of Georgia health firm hack exceeds 620K

Travel company hit by prolonged data breach leaving thousands of customers' details exposed for months

Trenchant Boss Sold Advanced Cyber Tools that Could Compromise Millions of Computers Worldwide to Russian Broker

Volvo Falls Victim of a Data Breach

Volvo Group says 16,991 employees affected as Conduent data breach grows to 25 million people

WebKit flaws lead Apple to release urgent update for iPhones and block hacker attacks

When security decisions come too late, and attackers know it

Who's the bossware? Ransomware slingers like employee monitoring tools, too

Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)

WordPress plugin with 900k installs vulnerable to critical RCE flaw

World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

You may now remove your ID from Google search results, but will it disappear from the web?

'Your data is public': Hacker warns victims after leaking 6.8 billion emails online

11th February

25 Million Americans’ sensitive data at risk in one of the biggest US data breaches

A cyberattack on the U.S. healthcare system: The wife of the Kazakh hacker arrested in Italy: "Don't extradite him."

AI Agents Leak Data via Messaging App Link Previews as AI Adoption Has Outpaced Security Governance

AI to Supercharge Cyber Threats in 2026: Global Ransomware Losses Expected to Near ₹6.1 lakh crore

Apple fixes zero-day flaw used in 'extremely sophisticated' attacks

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

APT36 Targets Linux Systems With New Disruption Tools

Arts Centre Melbourne deploys MDR services to contain phishing incident

Automotive Giant Volvo Employee Information Exposed via Third-Party Conduent Data Breach

BeyondTrust critical vulnerability: thousands of hosts and nearly 200K web properties discovered

BravoX Hits Vatier, John O’s, Fusion Hill, SPEC, WVPCA, Hood River

Bring Your Own Vulnerable Driver (BYOVD) technique embedded in nascent Reynolds ransomware

Canadians lost $43 million to spear phishing in 2025: Here’s how scammers use social media to target you

Cephalus Ransomware Emerges as Go-Based Double-Extortion Threat Exploiting Exposed RDP Access

Cephalus Ransomware Emerges as Go-Based Double-Extortion Threat Targeting Exposed RDP

Cephalus Ransomware Exploits Exposed RDP in Double-Extortion Attacks

CISA flags six actively exploited Microsoft zero-days

Cl0p Ransomware Attacks Anstech, Hudson Executive, CFDT, and 22 Others

Coinbase Cartel Prioritizes Data Theft in Targeted Extortion Campaign

Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed

Conduent data breach might have been much worse than initially expected

Coupang Delivery Data Breach: 140 Million Accesses Considered Leaks

Coupang Delivery Info Accessed 140 Million Times in Hack

Crazy ransomware gang abuses employee monitoring tool in attacks

Critical Notepad vulnerability reignites criticism of Microsoft’s forced AI features

Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking and CSRF Bypass

Cyber Attack Disrupts Local Government Payment Systems

Cyberattacks shift to stealthy, long-term access over ransomware

Cybersecurity expert explains impact of ransomware attack halting online payments for Bryan Texas Utilities (BTU) customers

Cybersecurity Lapses Cost FIIG Securities ₹13.5 Crore as Court Imposes Landmark Penalty

Data breach affecting 11 physician practices confirmed to impact 627K patients

Data breach reported at Tulsa International Airport, no impact in operations

Department of Justice (DOJ) says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’

Desktop Window Manager Zero-Day Vulnerability Allows Privilege Escalation

Digital squatters are weaponizing your muscle memory to steal passwords

Emerging Ransomware BQTLock and GREENBLOOD Drive Rapid Business Disruption

Evolving Phishing Tactics: Understanding the Psychological Manipulation Behind Cyberattacks in 2026

Fake Azure Support Scams Spread via Malicious Bing Advertisements

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

FortiOS Authentication Bypass Vulnerability Allows Attackers to Bypass LDAP Login

Forum of Incident Response and Security Teams (FIRST) Forecasts Record-Breaking 50,000+ CVEs in 2026

From 10 Million to 25 Million: Conduent Breach Balloons Into One of 2025’s Largest

GDQuest Data Breach: 37,000 User Records Leaked

Generative AI Cyber Threats 2026: Deepfake Fraud Scams and Synthetic Identity Fraud Deepfakes Surge

Georgia healthcare company data breach impacts more than 620,000

Georgia housing authority hit by Qilin ransomware, applicant data exposed

Global cyberattacks rise in January 2026 as ransomware activity increases and GenAI-driven data exposure expands

Google and Shein pay up: French data watchdog hands out €486M in fines

Google Search introduces new ways to remove sensitive personal information and explicit images

Hacker reveals 6.8 billion emails online and warns victims “your data is public”

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

India: 12 Lakh SIM Cards Cancelled, over 3 Lakh IMEI Numbers Blocked as Centre Intensifies Crackdown on Cybercrime

Ivanti Endpoint Manager Vulnerability Allows Remote Attackers to Leak Arbitrary Data

Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells

Japan Airlines says up to 28,000 users affected by data breach

Joint probe finds 33.67 million accounts affected in Coupang data breach

Kaspersky identifies 50 cyber-attack victims of Stan Ghouls

LummaStealer infections surge after CastleLoader malware campaigns

McLaren Health agrees to $14 Million settlement over two data breaches

Microsoft February 2026 Patch Tuesday Fixes 54 Vulnerabilities, Including 6 Zero-Days

Microsoft Fixes Six Zero Day Vulnerabilities in February Patch Tuesday

Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026

Microsoft Patch Tuesday February Update Flags Exchange and Azure Vulnerabilities as High-Priority Risks

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts

Microsoft Word Zero-Day Vulnerability Allows Attackers to Bypass Security Features

North Ferry’s payment system victim of cyber attack: Pass holders will still gain access to ferries

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

North Korean Operatives Impersonate Real Professionals on LinkedIn, the Security Alliance Warns

Northern Ireland police officers offered data breach compensation

0APT ransomware group rises swiftly with bluster, along with genuine threat of attack

Ohio: Wooster-area counseling center submits notice of data breach

OneFly Data Breach: 1000s of IDs & Credit Cards Leaked

Onesource Industries Takes Website Offline Following Phishing Attack Detection

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Phishing campaign exploits Pride Month to target employees

Phishing emails posing as Momo e-invoice prize notices circulate in Taiwan

Phishing in The Philippines Jumps 423 Percent as Cyber Threats Intensify in 2025

Phishing scams exploit Bithumb Bitcoin mispayment across South Korea

Phishing Scams in 2026: How to Spot and Avoid Them

Phishing Sites in the Philippines Jump 423% in 2025

Police arrest seller of JokerOTP MFA passcode capturing tool

Qilin admits Georgia housing authority breach, leaks files

Qilin Breaches Cox & Sanchez, Andringa Law, Mt Barker Co-Op

Ransomware attack targets Tulsa International Airport

Ransomware hackers say NO to Data Exfiltration and YES to Encryption

Reynolds ransomware uses BYOVD to disable security before encryption

Romance, Fake Platforms, $73 Million Lost: Crypto Scam Leader Gets 20 Years

Security teams are paying for sprawl in more ways than one

Singapore: Public warned of Land Transport Authority (LTA) and Royal Malaysia Police phishing scams targeting travellers

Singapore travellers lose S$24,000 in Malaysia toll phishing scam

Singapore travellers to Malaysia lose S$24,000 in phishing scams

SmarterMail Users Urged to Update After Ransomware Exploitation by Storm-2603

South Korea blames Coupang data breach on management failure, not sophisticated attack

South Korea jails Thai voice-phishing team leaders up to 14 years

Southern Oregon neurosurgery clinic sued over data breach

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Surge in Ransomware Incidents Prompts Federal Cybersecurity Guidance and Enforcement Across Sectors

Telegram Data Breach: Over 200 Million User Records Exposed

Telemon SRL Data Breach Exposes 42,000 User Records Including Debt Data

Thousands of Volvo customers possibly affected in major data breach - 17,000 affected, here's what we know

Travelers beware: thousands of customer IDs and full payment details leaked

Tulsa International Airport hit with ransomware attack

Tulsa International Airport Reports Ransomware Attack, Says Flights Not Impacted

US Court Hands Crypto Scammer 20 Years in $73m Case

Volvo Group hit in massive Conduent data breach

Wales: Too many firms unprepared for cyber attack risk

Weaponising AI: The New Cyber Attack Surface

What is Phishing?

Windows 11 Notepad flaw let files execute silently via Markdown links

Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication

10th February

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

200 Million+ Telegram user records shared on a data leak forum

AI hacking platform WormGPT has user data leaked, attackers claim

AI-Generated Malware Exploits React2Shell Vulnerability as LLM-Assisted Cyberattacks Target Cloud Infrastructure

APT36 Hacker Group Attacking Linux Systems with New Tools to Disturb Services

Archive.today is hiding a script that turns visitors into DDoS attackers

Armed with new tools, North Koreans ramp up attacks on lucrative crypto sector

Attackers exploit SolarWinds vulnerability to deploy ransomware

Attackers Weaponize Windows Shortcut Files to Deploy Global Group Ransomware

Attackers Weaponizing Windows Shortcut File to Deliver Global Group Ransomware

Australia Alerts Frequent Flyers as Qantas Loyalty Points Become Prime Target in Nationwide Phishing Surge

Betterment data breach exposes 1.4 million accounts

Bloody Wolf Hackers Deploy NetSupport RAT In Targeted Attacks

Capita data-breach claims can go ahead, rules High Court

Chinese crypto scammer sentenced in absentia to 20 years after fleeing US

Claude Desktop Extensions Zero-Click RCE Flaw Exposes Over 10,000 Users to Silent Attacks

Coupang obstructed Korean probe into data breach, Korean ministry says

Criminals blackmail toothbrush manufacturer Trisa

Critical Gogs Vulnerability Enables Remote Command Execution and 2FA Bypass

Cyberattack disrupts Senegal ID department’s operations

Cybersecurity group identifies person behind Manage My Health hack

Data breach that went unnoticed in October 2024 may have left millions of Americans vulnerable

“Digital Parasite” Warning as Attackers Favor Stealth for Extortion

Discord users will have to scan their entire face for full access after hackers stole 70,000 government IDs in data breach

Discord’s Mandatory Face Scan Faces Backlash Amid Data Breach

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

ENISA Updates Its International Strategy to Strengthen EU’s Cybersecurity Cooperation

European Commission hit by cyber attack targeting mobile presence

European Governments Breached in Zero-Day Attacks Targeting Ivanti

European Union probes cyberattack on mobile device management systems after limited staff data exposure

Expect “relentless barrage” of cyberattacks on defense industry, Google says

Face scans and ID checks are coming to Discord

Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam

Fancy Bear Hackers Abuse Microsoft Zero-Day in Email Theft Campaign

Federal Communications Commission (FCC) Urges Communications Providers to Strengthen Ransomware Defenses

Federal Trade Commission (FTC) Details Ransomware Threat, Tech Support Scams in Annual Cyber Report

FIIG Securities faces $2.5m fine following 2023 cyber attack

FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures

Foreign state spies infiltrate high-profile Signal accounts without hacking: two tricks abused

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Fugitive behind $73 Million 'pig butchering' scheme gets 20 years in prison

Germany warns of state-linked phishing campaign targeting journalists, government officials

Google sent personal and financial information of student journalist to ICE

Hackers siege Ivanti EPMM with thousands of IPs, dozens of organizations compromised

How AI is reshaping attack path analysis

Huge stalkerware data breach sees 500,000 records leaked by hacktivists

Inc Ransomware Claims Attack on US Construction Firm Core Supply

Indonesia Investigates Claims of 58 Million Student Data Breach

Instructing AI to “act drunk” may help bypass security guardrails

Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission

Joint probe finds 33.6 million accounts exposed in Coupang data breach, dwarfing initial claim

Joint Team Finds Data from over 33 Million Users Comprised in Coupang's Data Breach

Just 11% of UK healthcare breaches account for 65% of data exposed

Legal Aid Service Data Breach Exposes Sensitive PHI and PII

Lone Star Pain Relief Data Breach Exposes PII of 500 Texans

Malicious 7-Zip site distributes installer laced with proxy tool

Malicious LNK Files Used to Deploy Global Group Ransomware Worldwide

Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Montana Department of Labor warns of email phishing scam

Most Engagement Data Is Compromised and That’s a Major Security Problem

National Cyber Security Centre (NCSC) Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure

New Cybercrime Group 0APT Accused of Faking Hundreds of Breach Claims

New Linux botnet SSHStalker uses old-school IRC for C2 comms

New Mobile Spyware ZeroDayRAT Targets Android and iOS

New Ransomware Embeds BYOVD Technique to Evade Endpoint Detection

North Korean hackers targeted crypto exec with fake Zoom meeting, ClickFix scam

North Korean hackers use new macOS malware in crypto-theft attacks

North Korean IT Workers Impersonate Professionals On LinkedIn To Secure Remote Jobs

North Korean Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

Panda Express to automatically pay Americans $5,000 thanks to $2.45million data breach settlement

Panda Express to Pay Americans Up to $5,000 After Data Breach

Pavlus Travel Hit by PEAR Ransomware: 380GB Data Allegedly Stolen

Phorpiex malware delivers global group ransomware via phishing

Phorpiex Phishing Delivers Low-Noise Global Group Ransomware

'Pinay Gold Medalist' Zyan Cabrera Videos Are Stealing Your Social Media Passwords - Here's How

Poor cybersecurity leaves consumers exposed to ransomware

Possible Data Breach of Japan Airlines (JAL) Same-Day Baggage Delivery Service Reservation System

Pride Month Phishing Targets Employees via Trusted Email Services

Prometei Botnet Targets Windows Servers to Gain Remote Access and Deploy Malware

Qantas Warns Customers of Phishing Scams Targeting Unused Loyalty Points

Ransomware encryption to regain traction amid weakening data exfiltration tactics

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

Security measures helpless against critical Xiaomi Redmi Buds vulnerability

Senegal Confirms Cyberattack on Agency Managing National ID and Biometric Data

Senegal Confirms National ID Agency Breach After Ransomware Attack, Threat Actors Claim Stealing 139 GB of Data

Senegal data breach disrupts national ID issuance

Senegal shuts National ID office after ransomware attack

Senegal shuts national ID systems after ransomware group claims data theft

Sermo Data Breach Impacts 2,674: Exposes SSNs

Singapore: Police warn of phishing scams impersonating Land Transport Authority (LTA), targeting Singaporean travellers to Malaysia

Singapore says China-backed hackers targeted its four largest phone companies

Singapore Takes Down Chinese Hackers Targeting Telco Networks

Singapore telcos breached in China-linked cyber espionage campaign

Sleeperware Surges As Hackers Switch From Ransomware

Smarter machine-learning models can improve phishing website detection

SmarterMail vulnerabilities exploited in ransomware campaigns

South Korea Blames Coupang Data Breach on Management Failure, Not Sophisticated Attack

South Korea blames Coupang data breach on 'management failures,' not cyber attack

Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records

Stalkerware vendor data breach exposes over half a million customer records

Staten Island University Hospital Settles Lawsuit Over Business Associate Data Breach

Trojanized 7-Zip downloads turn home computers into proxy nodes

Understanding Breaches Before and After They Happen: What Every Organization Should Know

University of Pennsylvania data leaked after University refused to pay $1 million ransom, hacker group says

Unpatched SolarWinds WHD instances under active attack

Volvo Group North America customer data exposed in Conduent hack

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

What Minimum Viable Cybersecurity Really Looks Like for K–12 Districts

When dating apps get hacked, your private life goes public

Windows shortcut files targeted by ransomware gang Global Group

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Workers’ Compensation Insurer Beacon Mutual Dealing With Ransomware Attack

WormGPT.AI Data Breach Exposes 19,000 Users and Payment Data

YouTube tutorials spread fake 7-zip downloads as brand impersonation and domain mix-ups put PCs at risk

ZeroDayRAT malware grants full access to Android, iOS devices

9th February

Another active exploitation of SolarWinds Web Help Desk detected

Beware of Apple Pay Phishing Attack that Aims to Steal Your Payment Details

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and Privileged Remote Access (PRA)

BeyondTrust warns of critical RCE flaw in remote support software

Black Basta Ransomware Actors Embeds BYOVD Defense Evasion Component with Ransomware Payload Itself

Black Basta Ransomware Integrates BYOVD Technique to Evade Defenses

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

BridgePay Confirms Ransomware Attack, No Card Data Compromised

BridgePay hit by ransomware attack, disrupting payment gateway services

BridgePay payments system knocked offline by ransomware attack

BridgePay ransomware attack triggers nationwide card processing outage

China-Linked DKnife Spyware Hijacking Internet Routers Since 2019

Chinese cyberspies breach Singapore's four largest telcos

ClickFix access broker campaign hits Windows with Python-driven backdoors

CoinbaseCartel hacker claims American audio behemoth Dolby

Cyber Attack Hits European Commission Staff Mobile Systems

Discord faces backlash over age checks after data breach exposed 70,000 IDs

Discord to introduce face scans or ID checks for all users in global rollout, months after admitting data breach

Discord to require video selfies or government IDs to verify all users’ ages

Discord will soon ask for a face scan or ID to access sensitive content

Don’t Pay The Ransom Demand After A Ransomware Attack: Cyber Storage Resilience To The Rescue

EgyptAir Data Breach: 104k Records and HR Data Allegedly Leaked

EgyptAir Data Breach Alert: Massive Employee Records Allegedly Leaked Online

EU Officials Respond After Cyber-Attack Exposes European Commission Mobile Devices

EU, Dutch government announce hacks following Ivanti zero-days

European Commission Contains Cyber-Attack Targeting Staff Mobile Data

European Commission discloses breach that exposed staff data

European Commission hit by cyberattackers targeting mobile management platform

European Commission Hit by Mobile Management Data Breach

European Commission mobile infrastructure targeted in cyber-attack

European Commission probes cyberattack on mobile device management system

European Commission responds to cyber-attack on its central mobile infrastructure

Farcaster Data Leak Exposure: 1.3GB of Wallet and Profile Data

Fédération Française de Tir Data Breach Impacts 35,000 Members

FIIG Securities Faces $2.5M Penalty After Cyber Attack Exposes Weak Incident Response

Flickr confirms data breach, tells customers their private info may have been affected - here's what we know

Flickr Data Breach Exposes User Info via Email Provider

Flickr issues warning over possible user data exposure

Flickr moves to contain data exposure, warns users of phishing

Flickr says it may have suffered a third-party data breach

Flickr warns of data breach

Flickr’s 35 Million Users Affected by Third-Party Data Exposure

From Fileless Attacks to Identity Abuse: The Hard Truth About Ransomware in 2026

German intelligence warns of state-sponsored phishing attacks on messaging apps

Gold Medalist Viral Video Scandal 2026 Turns Out To Be A Phishing Scam: Here's What Could Happen If You Click It

Hacker Attack hits Uffizi Museum

Hacker behind one of Poland’s biggest data leaks arrested after 8 years

Hacker behind Poland’s largest ever data leaks caught after eight-year hunt

Hackers breach Dutch privacy regulator, employee data compromised

Hackers breach SmarterTools network using flaw in its own software

Hackers Deliver Global Group Ransomware Offline via Phishing Emails

Hackers exploit SolarWinds WHD flaws to deploy DFIR tool in attacks

Hackers fuel panic with claims linking crypto data leak to recent kidnappings in France

Hackers Leveraging Free Firebase Developer Accounts to Send Phishing Emails

Hackers Use Signal QR Codes to Spy on Military and Political Leaders

High Court blocks Capita bid to throw out data breach claims

High Court clears way for thousands to pursue Capita data breach claims

Illinois Man Charged in Massive Snapchat Hacking Scheme Targeting Hundreds of Women

Irish consumers warned devices such as dodgy boxes may have been compromised in cyber attack

Jacobite Matrimony Database Leak Exposes Over 1,000 User Records

Kenya’s Hidden Cybercrime Battles and the Cost of Keeping Them Private

KillSec Ransomware Group Claims Cyberattack on Nigerian Fintech Getly

Leaked technical documents show China rehearsing cyberattacks on neighbors’ critical infrastructure

Loxam reports data breach

Matomo Analytics Alleged Data Breach Exposes 12.6GB SQL Database

Men charged in FanDuel scheme fueled by thousands of stolen identities

New Federal Trade Commission (FTC) Report Says Ransomware Makes Up Just 2% of Fraud Reports

New Telegram Phishing Attack Abuses Authentication Workflows to Obtain Full Authorized User Sessions

New Telegram Phishing Scam Hijacks Login Flow to Steal Fully Authorized User Sessions

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Old meets new: Kaspersky reviews the evolution of phishing threats in 2025

Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack

Phishing Alert: Cyber criminals target politicians, military officials, journalists on Signal Messenger

Phishing and Social Engineering pose biggest cybersecurity risks for South African organisations

Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale

Ransomware group breached SmarterTools via flaw in its SmarterMail deployment

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Record rise in digital squatting fuels phishing wave

Researchers Find 40,000+ Exposed OpenClaw Instances

'Reynolds' Bundles BYOVD With Ransomware Payload

Russia grants asylum to Spanish professor wanted for alleged pro-Moscow cyber operations

Rutherford Investment Company Hit by Anubis Ransomware

Senegal confirms breach of national ID card department after ransomware claims

Signal Accounts Targeted by State-Backed Phishing Campaign - Here’s How to Stay Safe

Signature Phishing Up 200% As January Losses Pass $6 Million

Singapore: 4 telcos targeted in cyber attack by threat group, no sensitive data leaked

Singapore: Telecom Cyberattack Contained, No Data Breach

Singapore launches largest coordinated cyber defense operation after targeted attack on all major telcos

Singapore Launches Largest-Ever Cyber Defense Operation After UNC3886 Targets All Major Telcos

Singapore telcos hit by China‑linked hackers UNC3886; cyber agency says no disruption, no data breach

SmarterTools hacked via its own product

SmarterTools Hit by Ransomware via Vulnerability in Its Own Product

Social Media Platforms Earn Billions from Scam Ads

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Someone’s phishing with the Vancouver Giants

Substack CEO apologises for security breach affecting personal data

Substack Discloses Major Data Breach

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Thousands of exposed Moltbot control panels may be vulnerable to takeover

Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme

UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom

US Agencies Told to Scrap End of Support Edge Devices

Use of XMRig Cryptominer by Threat Actors Expanding

VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

Vortex Werewolf Attacking Organizations to Gain Tor-Enabled Remote Access Over the RDP, SMB, SFTP, and SSH Protocols

Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors

Warlock Gang Breaches SmarterTools Via SmarterMail Bugs

Why Ransomware Is a Growing Threat to UCaaS and CPaaS Providers in 2026

Zimbabwe: 11 Hackers Arrested Over US$61,000 EcoCash Phishing Scam