Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organisations raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks were the highest ever recorded, and 2026 could be worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. It's a dangerous world out there, so please be extra vigilant and mindful of the risks and threats. Wishing you all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd February and 8th February 2026.2nd February
AI is flooding Identity and Access Management (IAM) systems with new identities
Alleged Data Breach Targets Spain’s Ministry of Science, Innovation, and Universities
Android RAT Uses Hugging Face to Host Malware
Autonomous AI Agents Emerge As Cybercrime’s New Operating System
BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
Britain and Japan Join Forces on Cybersecurity and Strategic Minerals
CrossCurve Bridge Hacked for $3 Million After Smart Contract Validation Vulnerability Exploited
Crypto Losses Hit Nearly $370 Million in January 2026 as Phishing Scams Surge
Crypto Losses Surge to $370 Million in January, Phishing Dominates
Deatak Inc. Targeted by Play Ransomware Attack
DragonForce Ransomware Hits T&M Electric and Mullinax Ford
Encountered fraud messages in the UAE? Here’s what you need to know
Epstein allegedly had a “personal hacker,” was into cyberwar and malware
eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
Everest Ransomware Breaches Iron Mountain, Polycom, Hosokawa Micron, Shinwa, SIGMA, Acu Trans, and Stellium
Exploit Pack Breach: Full Repository of Exploits and Shellcodes Leaked
Former Google Engineer Found Guilty of Stealing AI Secrets
Hackers claim 1.4 TB theft from Iron Mountain, major data management company
Hackers have attacked a Belgian school and are demanding €50 for every child
Hackers who hit OkCupid, Bumble, and Crunchbase bypass security with a simple trick: a phone call
Jeffrey Epstein employed a private hacker, new documents reveal
Malicious ‘Mac Cleaner’ Ads On Google Redirect Users To Phishing Nightmares
Mandiant Reports ShinyHunters Extortion Tactics, Vishing, and SSO Compromise Target Cloud Environments
NationStates confirms data breach, shuts down game site
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Open VSX Registry Deploys GlassWorm Malware via Four Malicious Extension Versions
Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
Qilin Attacks Stephenson Ziegenhorn & Bernard, Sprokkit, INGUS, JCM Agricola
Ransomware report notes fourth quarter 2025 attack surge
Ransomware Strikes Rome's Leading University
Ransomware Without Encryption: Why Pure Exfiltration Attacks Are Surging
Research Says Gen Z Is Nearly 3 Times More Vulnerable To Phishing Than Boomers, Here’s Why
Russian APT28 Exploit Zero-Day Hours After Microsoft Discloses Office Vulnerability
Russian Hacker Alliance Launches Large-Scale Cyberattack On Denmark
San Juan Andes Health System Data Breach Exposes Patient Photos
Scottish Council Had “Gaps in Cybersecurity” Prior to Cyber-attack
State-Aligned Actors Exploit Unrest with RedKitten AI-Accelerated Campaign Targeting Iranian Protests
Taiwan HVAC Engineering Association Data Breach by Hexvior Group
Where National Security Agency (NSA) zero trust guidance aligns with enterprise reality
WoundTech Data Breach Exposes 160,000 Sensitive Patient Records
