Welcome to DBD. On March 8th 2026, DBD celebrates it's sixth anniversary and 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd March and 8th March 2026.4th March
Australia: It’s time schools moved beyond passwords
3rd March
1.2 Million Affected by University of Hawaii Cancer Center Data Breach
1.2 Million Impacted As Heartless Hackers Attack Cancer Center In Ransomware Breach
5 years of shifting cybersecurity behavior
15 million impacted in French health ministry cyber attack
45% of Cybersecurity Leaders Work a “Sixth Day”
$100 radio equipment can track cars through their tire sensors
AI adoption shrinks cyber attack window to 48 hours in shipping
AI and Deepfakes Supercharge Sophisticated Cyber-Attacks
AI supercharges LinkedIn phishing risks in Australia
AI technology is placing the maritime industry at a greater risk of a cyber attack, reveals new data
AI went from assistant to autonomous actor and security never caught up
AI-driven hacking uses booking.com and Microsoft Teams in vibe coding and “flat pack” malware campaigns
AI-Powered Ransomware threatens even Encrypted Backups
AiLock Ransomware Hits Aaronson Rappaport & Demanor
Andal Law Group Suffers Anubis Ransomware Attack and Data Breach
Android gets patches for Qualcomm zero-day exploited in attacks
Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation
Attackers could hijack Perplexity’s Comet browser to take over your 1Password vault
Aura.Build Data Breach Exposes Information of Over 132,000 Users
Check if your Chrome is up to date: Google’s Gemini might still be spying on you
Cloud Imperium faces backlash over delayed data breach disclosure
Cloudflare tracked 230 billion daily threats and here is what it found
Critical MS-Agent Vulnerability Allows Attackers to Hijack AI Agents and Gain Full System Control
Cyber Resilience as a Corporate Mindset
Cyber-Kinetic Warfare Escalates as Iran, US, and Israel Clash Across Military and Digital Fronts
Digital Sabotage And Bad Grammar: Inside The Cyber Hijack Of Pakistan’s Airwaves
Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool
Figure data breach exposes nearly 1 Million accounts
From reactive to proactive: closing the phishing gap with LLMs
Gamers furious as British studio Cloud Imperium quietly admits to data breach
German Court Convicts Key Operator of Global Multi-Million Investment Scam Milton Group
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran
Hackers Abuse .arpa Top-Level Domain to Host Phishing Scams
Hackers breach Star Citizen players’ personal data in January, but CIG only just got around to mentioning it
Hackers Use CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
Hackers Use GTFire Phishing Attack to Steal Credentials via Google Services
Hacktivists Claim Department of Homeland Security (DHS) Breach, Leak 6,600+ ICE Contractor Records
Half of US CISOs Work the Equivalent of a Six-Day Week
Handala Hack Breaches Sharjah National Oil & Israel Opportunity
Healthcare organizations are accepting cyber risk to cut costs
Higginbotham Data Breach Affects 9k Texans: SSNs Exposed
Hospital General de Medellín Data Breach Exposes Patient Records
How Israel hacked Iran’s traffic cameras to pinpoint Khamenei
How Pakistan, Bangladesh, and Sri Lanka Were Hit by India-Linked Threat Actors
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
I4C Warns of Ransomware Groups Turning To Professional Firms, Targeting Network Storage Devices
Iran leveraging AI and stolen data to escalate cyber campaigns
Iranian Communications and Sensors Disrupted by US Cyber Command; Researchers Warn of Retaliatory Cyber Attacks
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Ireland: Fifth of companies experienced a cyber attack in last two years
Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
LexisNexis confirms data breach as hackers leak stolen files
LexisNexis Investigates Massive Data Breach by FULCRUMSEC
Mercer Advisors Hit by ShinyHunters Data Breach
Microsoft reveals OAuth redirection abuse powering new phishing attempts
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses - says 'these campaigns demonstrate that this abuse is operational, not theoretical'
MTN Irancell Data Breach Exposes Customer Information
New Google-Themed Phishing Attack Turns Browser Features Into Spyware
New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security
OAuth phishers make ‘check where the link points’ advice ineffective
OAuth Redirect Abuse Targets Government and Public Sector Organizations, Microsoft Warns
OCRFix Botnet Trojan Uses ClickFix Phishing To Evade Detection
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Phishing campaign exploits OAuth redirection to bypass defenses
Play Ransomware Hits Cabka, WCC, LRA, Kuker Group & More
Project Compass Targets 764 Network as 30 Arrested and Victims Rescued
Ransomware is now less about malware and more about impersonation
Ransomware Tightens Grip on Chartered Accountancy (CA) & Consulting Firms; NAS Devices Emerge as Prime Target
Sadenet ISP Data Breach Exposes 160K Customer Records
Samsung comes clean after collecting Texans’ TV data
Samsung reaches settlement with Texas over smart TV data collection practices
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
SonicWall Firewalls Under Siege From Over 4,000 Unique IP Addresses
Star Citizen developer CIG admits that a hacker gained access to account data...six weeks ago
Star Citizen developer suffers data breach impacting user personal data
Star Citizen Forgot to Mention Your Data Was Leaked Over a Month Ago
Star Citizen game developer discloses breach affecting user data
“Star Citizen” maker says that an undisclosed month-old data breach isn’t a big deal
Starkiller Phishing Framework Uses Real Login Pages to Evade MFA Protections
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Suspected ShinyHunters’ Vishing Attack Hits Ad Tech Firm Optimizely, Leaking Business Information
This new phishing campaign uses a fake Google Account security page to steal passcodes and more
Threat actors weaponize OAuth redirection logic to deliver malware
UK academia strong, but still at threat from cyber attack
University of Hawaiʻi Cancer Center says up to 1.2 million affected in ransomware breach
University of Hawaii Cancer Center Breach Exposes SSNs of 87,000+ Participants
University of Hawaii Cancer Center confirms data compromised
University of Hawaii (UH) Cancer Center data breach affects nearly 1.2 million people
“We go bankrupt:” stolen Gemini API key turns $180 monthly bill into $82K catastrophe, developer says
Wild pack without a leader: pro-Iranian hackers already active in wake of US-Israeli strikes
Wisconsin ‘Denmark School District’ Cyber Incident Triggering Network Outage Claimed by INC Ransom
2nd March
4 Data Security Incidents to Know About
A new app alerts you if someone nearby is wearing smart glasses
After the hack: why Odido’s crisis is only getting bigger
Agent Tesla Phishing Campaign Uses Process Hollowing To Evade Security Tools
AI is placing maritime industry at greater risk of cyber-attack
AI Overviews Rife With Scam Phone Numbers
AI placing maritime industry at risk of cyber attack
AI risk moves into the security budget spotlight
AI threats will get worse: 6 ways to match the tenacity of your digital adversaries
AI Tools Are Supercharging Hackers
AkzoNobel Suffers Data Breach by Anubis Ransomware Group
Alabama man pleads guilty to hacking, extorting hundreds of women
All data from Dutch telco Odido’s 6.5 Million customers leaked online
Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka
APT28 Exploits MSHTML Zero-Day Ahead of February 2026 Patch Tuesday
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before February 2026 Patch Tuesday
BE-ATEX Data Breach Exposes Customer and Employee Information
British authorities issue cyber alert as former FBI chief warns Iran will retaliate with ransomware and digital sabotage
British organizations urged to be alert to threat of Iranian cyberattacks
Building Detroit Data Breach Allegedly Exposes 185,000 Records
Bumble Faces Lawsuit Over “Preventable” Data Breach
Canadian Tire data breach affects over 38 million accounts
Chilean National Extradited to U.S. Over Stolen Credit Card Data Trafficking Scheme
Claude Code Weaponized in Mexican Government Cyberattack, Exposing Roughly 195 Million Identities
ClawJacked Bug Enables Covert AI Agent Hijacking
Compromised Go Crypto Package Delivers Rekoobe Malware To Dev Systems
Conduent Data Breach: 25 Million Exposed. What to Do Now?
Coupang Q4 Profit Plunges 97% Following Major Data Breach
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Data Breach Exposes 25 Million Americans in What Texas Calls the Largest US Hack in History
Data Breach Prompts Lawsuit Against Clackamas Community College
DDoS and Website defacement might increase on US Networks says Department of Homeland Security (DHS)
Den kulturelle skolesekken Data Breach Exposes 1.3 Million Records
Dohdoor Malware Targets U.S. Schools and Healthcare In Multi-Stage Campaign
Don’t Click Yet: How to Recognize a Phishing Scam Fast
DuckDuckGo Browser UXSS Flaw in AutoConsent JS Bridge Enables Cross-Origin Code Execution
Excel Healthcare Receivable Management & Consulting Data Breach Impacts Health Information
Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel
Fake Google Security site uses Progressive Web App (PWA) to steal credentials, MFA codes
Fake Zoom Update Scam Infects 1,437 Users, Deploys Surveillance Malware In Just 12 Days
Florida woman imprisoned for massive Microsoft license fraud scheme
Foom Cash Recovers $1.84 Million After $2.26 Million Exploit With Help From White Hat Hacker
French firm making Airbus and Boeing parts faces cyber threat
Fundacão Getulio Vargas (FGV) Suffers Ransomware Attack
German court convicts alleged mastermind behind global investment scam network
Growing AI use by maritime sharply increases the risk of a cyber attack
Grupo D’arc Suffers Ransomware Attack by Qilin Group
GTFire Phishing Campaign Exploits Google Services to Bypass Detection and Harvest Credentials
GTFire Phishing Scheme Abuses Google Services to Evade Detection and Steal Credentials
Hacked Prayer App Weaponized in Cyber Operations Amid US-Israel Strikes on Iran
Hackers and internet outages hit Iran amid U.S. air strikes
Hackers exploit .arpa domains for sophisticated phishing attacks
Hackers hijack .arpa domain for phishing scams - hosting malicious websites and domains where no one can spot them
Hackers infiltrated Iran's popular prayer app and posted political messages
Hackers Leverage Campaign Platform To Bypass Google Ads Security and Promote Malicious Ads
Hacktivists claim to have hacked Homeland Security to release ICE contract data
Hotel hacker arrested after digital fraud involving paying 1 cent for luxury suites
Hundreds of FreePBX instances infected by web shells exploiting command injection vulnerability
Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity
Identity attacks rise to 67% of incidents
IDMERIT breach: How hackers turn fake news into ransomware
INC Ransomware Breaches Ramet-Trom, LKE Group, Abrams, Denmark High School
Iran-US conflict triggers internet blackout, cyberattacks, and UAE misinformation warning
Iran's cyberwar has begun
Iranian Apps, Websites Hacked Following US-Israeli Strikes
Israel Faced Record Cyber Threats in 2025 as Alerts Surged
Israeli MOSSAD Sophisticated Cyber Attack Against Pakistan Media
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
Maritz Holdings Data Breach Exposes Social Security Numbers
Meta AI in WhatsApp organizes chats and reopens privacy issues
Nephrology Associates Data Breach Exposes Social Security Numbers
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
OAuth redirection abuse enables phishing and malware delivery
OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure
OCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 Infrastructure
OneUptime Command Injection Flaw Enables Full Server Takeover
Pakistan cyber attack targets Indian TV channel ABP News
Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages
Pakistani news channels hacked with pro-Mossad messages
PayPal Loan App Customer Data Breach Results in Unauthorized Transactions and Refunds
Phishing Pages for Zoom and Google Meet Install Teramind Monitoring Tool
PIH Health Discloses Data Breach Exposing SSNs, Health Information, and More
Popular Iranian App BadeSaba was Hacked to Send “Help Is on the Way” Alerts
Protecting the Most Vulnerable: Lessons from Last Year’s Nursery Cyber Attack
Purchase order attachment isn’t a PDF. It’s phishing for your password
Ransomware has changed - and so must public sector organisations
Ransomware Payments Decline 8% as Attacks Surge 50%
Remote-working breaches as phishing fears reach record high
Rhysida Ransomware Attack Hits Southold Police and Senior Services
Rising Network of Teenage Hackers: From Data Theft to Digital Extortion, Cyber Threat Becomes More Serious
Security debt is becoming a governance issue for CISOs
South Korea Tax Office Leaks Cryptocurrency Assets, Critical Failure Leads to Wallet Breach
Study Finds Phishing Scams Are on the Rise, Accelerated by AI
Teramind stealthily spread via Zoom, Google Meet-exploiting phishing schemes
The InterTech Group Data Breach Exposes Social Security Numbers
The Top Ways Attackers Infiltrate Systems Today
This purchase order PDF is fake, malicious, and after your password
Turkcell Superonline Customer Data Breach Exposes PII
UK reduces cyberattack fix times from two months to eight days
UK warns of Iranian cyberattack risks amid Middle-East conflict
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site
University of Hawaiʻi Cancer Center confirms data leak following ransomware attack
University of Mississippi Medical Center (UMMC) operations return to normal after cyber-attack
University of Mississippi Medical Center phones working after cyberattack
University of Mississippi Medical Center (UMMC) reopens clinics shut down by ransomware attack as recovery progresses
University of Mississippi Medical Center (UMMC) restores phone lines after ransomware attack
University Spine Center Discloses Data Breach to Department of Health and Human Services (HHS)
Unprecedented GitHub hacking spree: “security research” AI bot compromises major repositories from Microsoft, Datadog, and others
Valley Radiology Consultants Medical Group Discloses September Data Breach
Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law
Why encrypted backups may fail in an AI-driven ransomware era
Why enterprise AI agents could become the ultimate insider threat
Your dependencies are 278 days out of date and your pipelines aren’t protected
Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st February and 28th February 2026.
Welcome to a special DLR Report solely focused on the Logistics Sector, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed in the Logistics Sector in 2025.
Welcome to a special DLR Report solely focused on the Retail Sector, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed in the Retail Sector in 2025.
Welcome to a special DLR Report solely focused on the Legal Sector, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed in the Legal Sector in 2025.
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 16th February and 22nd February 2026, kindly assisted by our partners.