Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organisations raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks were the highest ever recorded, and 2026 could be worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. It's a dangerous world out there, so please be extra vigilant and mindful of the risks and threats. Wishing you all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th January and 1st February 2026.27th January
Manage My Health warns of impersonation, phishing attempts on patients
26th January
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
Atrox Fit Data Breach Leaks Personal Info of 2,300 Users
Axtria Data Breach: Cloud Software Source Code Leaked
Chrome and Safari users warned: ‘rn’ lookalike links fuel a fresh phishing wave
Chrome, Safari users warned over new phishing threat
CISA says critical VMware RCE flaw now actively exploited
Clop Ransomware Attack Hits 43 Global Companies Including Hilton and Weather.com
Columbia Medical Practice confirms November ransomware attack exposed patient data
Crunchbase Confirms Data Breach After Hacking Claims
Dark Web Profile: BravoX Ransomware
Deloitte Warns of Rising Ransomware and Phishing Threats in Nigeria for 2026
Edmunds Data Breach: ShinyHunters Leaks 146k User Records
Encryption illusion: Microsoft shared keys with FBI, leaving user data vulnerable
Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint
Germany’s Bundesbank sees cyberattacks coming in faster than a human could blink
Hacker swipes $17 million from Matcha Meta users as protocol reports security ‘incident’
Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
Hackers Weaponize GenAI To Turn Clean Webpages Malicious In Seconds
Has King Philippe of Belgium invited you to a gala dinner? Beware, you’re being scammed
Hilton pulled into Cl0p’s dark‑web hit list: hackers post claims, no proof yet
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Korea hacks fuel shift as phishing targets citizens with data-stealing apps
Korea’s data breaches reveal a global shift towards targeted phishing
Laurel Health Centers identifies email system breach involving patient information
Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline
MacSync macOS Infostealer Uses ClickFix Tactic To Hijack Terminal Pastes
Montana court clears path for Blue Cross Blue Shield (BCBS) data breach showdown
Nearly 50,000 CSEA Members Affected by Data Security Breach
New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer
New Phishing Attack Exploits Vercel to Host and Deliver Remote Access Malware
New Phishing Attack Leverages Vercel Hosting Platform to Deliver a Remote Access Tool
New phishing attacks exploit visual URL tricks to impersonate major brands
New Phishing-as-a-Service Kit Targets Google, Microsoft, and Okta Users
Nike data breach: Hackers post company data, but what do we know so far?
Nike Data Breach Claims Surface as WorldLeaks Leaks 1.4TB of Files Online
Nova ransomware group claims to have breached KPMG Netherlands
Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA
Okta warns of real-time vishing kits defeating MFA
Over 30 million accounts affected in Coupang data breach
Poland repels data-wiping malware attack on energy systems
Ransomware Attack Disrupts Operations at Japan’s Largest Port
Reports link ShinyHunters to SSO vishing attacks, but key details reserved for Okta paying customers
Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid
SMS and scam calls in the Philippines dropped in 2025, but phishing links are rising
South Korea’s Osan Air Base security measure raises data breach concerns
South Korean Bitcoin Catastrophe: Prosecutors Pinpoint Phishing in Staggering Loss of Seized Crypto
Spain: Travel chaos in Catalonia as ‘suspected cyber attack’ hobbles train network leaving thousands stranded amid intermittent services
‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing
‘SyncFuture’ Campaign Weaponizing Legitimate Enterprise Security Software to Deploy Malware
The Chimera Deception: How Multi-Stage Phishing Attacks Are Outsmarting Corporate Defenses
Thousands of Microsoft Teams users are being targeted in a new phishing campaign
Veradigm to Pay $10.5 Million to Settle Lawsuit Tied to 2024 Data Breach
Why security companies cannot simply block all ransomware
Why Should Human Awareness Be Your Best Cyber Defense
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
