Data Breaches Digest - Week 10 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd March and 8th March 2026.

4th March

Australia: It’s time schools moved beyond passwords

3rd March

1.2 Million Affected by University of Hawaii Cancer Center Data Breach

1.2 Million Impacted As Heartless Hackers Attack Cancer Center In Ransomware Breach

5 years of shifting cybersecurity behavior

15 million impacted in French health ministry cyber attack

45% of Cybersecurity Leaders Work a “Sixth Day”

$100 radio equipment can track cars through their tire sensors

AI adoption shrinks cyber attack window to 48 hours in shipping

AI and Deepfakes Supercharge Sophisticated Cyber-Attacks

AI supercharges LinkedIn phishing risks in Australia

AI technology is placing the maritime industry at a greater risk of a cyber attack, reveals new data

AI went from assistant to autonomous actor and security never caught up

AI-driven hacking uses booking.com and Microsoft Teams in vibe coding and “flat pack” malware campaigns

AI-Powered Ransomware threatens even Encrypted Backups

AiLock Ransomware Hits Aaronson Rappaport & Demanor

Andal Law Group Suffers Anubis Ransomware Attack and Data Breach

Android gets patches for Qualcomm zero-day exploited in attacks

Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation

Attackers could hijack Perplexity’s Comet browser to take over your 1Password vault

Aura.Build Data Breach Exposes Information of Over 132,000 Users

Check if your Chrome is up to date: Google’s Gemini might still be spying on you

Cloud Imperium faces backlash over delayed data breach disclosure

Cloudflare tracked 230 billion daily threats and here is what it found

Critical MS-Agent Vulnerability Allows Attackers to Hijack AI Agents and Gain Full System Control

Cyber Resilience as a Corporate Mindset

Cyber-Kinetic Warfare Escalates as Iran, US, and Israel Clash Across Military and Digital Fronts

Digital Sabotage And Bad Grammar: Inside The Cyber Hijack Of Pakistan’s Airwaves

Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool

Figure data breach exposes nearly 1 Million accounts

From reactive to proactive: closing the phishing gap with LLMs

Gamers furious as British studio Cloud Imperium quietly admits to data breach

German Court Convicts Key Operator of Global Multi-Million Investment Scam Milton Group

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran

Hackers Abuse .arpa Top-Level Domain to Host Phishing Scams

Hackers breach Star Citizen players’ personal data in January, but CIG only just got around to mentioning it

Hackers Use CyberStrikeAI Tool to Breach Fortinet FortiGate Devices

Hackers Use GTFire Phishing Attack to Steal Credentials via Google Services

Hacktivists Claim Department of Homeland Security (DHS) Breach, Leak 6,600+ ICE Contractor Records

Half of US CISOs Work the Equivalent of a Six-Day Week

Handala Hack Breaches Sharjah National Oil & Israel Opportunity

Healthcare organizations are accepting cyber risk to cut costs

Higginbotham Data Breach Affects 9k Texans: SSNs Exposed

Hospital General de Medellín Data Breach Exposes Patient Records

How Israel hacked Iran’s traffic cameras to pinpoint Khamenei

How Pakistan, Bangladesh, and Sri Lanka Were Hit by India-Linked Threat Actors

Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks

I4C Warns of Ransomware Groups Turning To Professional Firms, Targeting Network Storage Devices

Iran leveraging AI and stolen data to escalate cyber campaigns

Iranian Communications and Sensors Disrupted by US Cyber Command; Researchers Warn of Retaliatory Cyber Attacks

Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign

Ireland: Fifth of companies experienced a cyber attack in last two years

Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App

Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion

LexisNexis confirms data breach as hackers leak stolen files

LexisNexis Investigates Massive Data Breach by FULCRUMSEC

Mercer Advisors Hit by ShinyHunters Data Breach

Microsoft reveals OAuth redirection abuse powering new phishing attempts

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses - says 'these campaigns demonstrate that this abuse is operational, not theoretical'

MTN Irancell Data Breach Exposes Customer Information

New Google-Themed Phishing Attack Turns Browser Features Into Spyware

New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security

OAuth phishers make ‘check where the link points’ advice ineffective

OAuth Redirect Abuse Targets Government and Public Sector Organizations, Microsoft Warns

OCRFix Botnet Trojan Uses ClickFix Phishing To Evade Detection

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

Phishing campaign exploits OAuth redirection to bypass defenses

Play Ransomware Hits Cabka, WCC, LRA, Kuker Group & More

Project Compass Targets 764 Network as 30 Arrested and Victims Rescued

Ransomware is now less about malware and more about impersonation

Ransomware Tightens Grip on Chartered Accountancy (CA) & Consulting Firms; NAS Devices Emerge as Prime Target

Sadenet ISP Data Breach Exposes 160K Customer Records

Samsung comes clean after collecting Texans’ TV data

Samsung reaches settlement with Texas over smart TV data collection practices

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

SonicWall Firewalls Under Siege From Over 4,000 Unique IP Addresses

Star Citizen developer CIG admits that a hacker gained access to account data...six weeks ago

Star Citizen developer suffers data breach impacting user personal data

Star Citizen Forgot to Mention Your Data Was Leaked Over a Month Ago

Star Citizen game developer discloses breach affecting user data

“Star Citizen” maker says that an undisclosed month-old data breach isn’t a big deal

Starkiller Phishing Framework Uses Real Login Pages to Evade MFA Protections

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Suspected ShinyHunters’ Vishing Attack Hits Ad Tech Firm Optimizely, Leaking Business Information

This new phishing campaign uses a fake Google Account security page to steal passcodes and more

Threat actors weaponize OAuth redirection logic to deliver malware

UK academia strong, but still at threat from cyber attack

University of Hawaiʻi Cancer Center says up to 1.2 million affected in ransomware breach

University of Hawaii Cancer Center Breach Exposes SSNs of 87,000+ Participants

University of Hawaii Cancer Center confirms data compromised

University of Hawaii (UH) Cancer Center data breach affects nearly 1.2 million people

“We go bankrupt:” stolen Gemini API key turns $180 monthly bill into $82K catastrophe, developer says

Wild pack without a leader: pro-Iranian hackers already active in wake of US-Israeli strikes

Wisconsin ‘Denmark School District’ Cyber Incident Triggering Network Outage Claimed by INC Ransom

2nd March

4 Data Security Incidents to Know About

A new app alerts you if someone nearby is wearing smart glasses

After the hack: why Odido’s crisis is only getting bigger

Agent Tesla Phishing Campaign Uses Process Hollowing To Evade Security Tools

AI is placing maritime industry at greater risk of cyber-attack

AI Overviews Rife With Scam Phone Numbers

AI placing maritime industry at risk of cyber attack

AI risk moves into the security budget spotlight

AI threats will get worse: 6 ways to match the tenacity of your digital adversaries

AI Tools Are Supercharging Hackers

AkzoNobel Suffers Data Breach by Anubis Ransomware Group

Alabama man pleads guilty to hacking, extorting hundreds of women

All data from Dutch telco Odido’s 6.5 Million customers leaked online

Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka

APT28 Exploits MSHTML Zero-Day Ahead of February 2026 Patch Tuesday

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before February 2026 Patch Tuesday

BE-ATEX Data Breach Exposes Customer and Employee Information

British authorities issue cyber alert as former FBI chief warns Iran will retaliate with ransomware and digital sabotage

British organizations urged to be alert to threat of Iranian cyberattacks

Building Detroit Data Breach Allegedly Exposes 185,000 Records

Bumble Faces Lawsuit Over “Preventable” Data Breach

Canadian Tire data breach affects over 38 million accounts

Chilean National Extradited to U.S. Over Stolen Credit Card Data Trafficking Scheme

Claude Code Weaponized in Mexican Government Cyberattack, Exposing Roughly 195 Million Identities

ClawJacked Bug Enables Covert AI Agent Hijacking

Compromised Go Crypto Package Delivers Rekoobe Malware To Dev Systems

Conduent Data Breach: 25 Million Exposed. What to Do Now?

Coupang Q4 Profit Plunges 97% Following Major Data Breach

Cyberattack briefly disrupts Russian internet regulator and defense ministry websites

CyberStrikeAI tool adopted by hackers for AI-powered attacks

Data Breach Exposes 25 Million Americans in What Texas Calls the Largest US Hack in History

Data Breach Prompts Lawsuit Against Clackamas Community College

DDoS and Website defacement might increase on US Networks says Department of Homeland Security (DHS)

Den kulturelle skolesekken Data Breach Exposes 1.3 Million Records

Dohdoor Malware Targets U.S. Schools and Healthcare In Multi-Stage Campaign

Don’t Click Yet: How to Recognize a Phishing Scam Fast

DuckDuckGo Browser UXSS Flaw in AutoConsent JS Bridge Enables Cross-Origin Code Execution

Excel Healthcare Receivable Management & Consulting Data Breach Impacts Health Information

Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel

Fake Google Security site uses Progressive Web App (PWA) to steal credentials, MFA codes

Fake Zoom Update Scam Infects 1,437 Users, Deploys Surveillance Malware In Just 12 Days

Florida woman imprisoned for massive Microsoft license fraud scheme

Foom Cash Recovers $1.84 Million After $2.26 Million Exploit With Help From White Hat Hacker

French firm making Airbus and Boeing parts faces cyber threat

Fundacão Getulio Vargas (FGV) Suffers Ransomware Attack

German court convicts alleged mastermind behind global investment scam network

Growing AI use by maritime sharply increases the risk of a cyber attack

Grupo D’arc Suffers Ransomware Attack by Qilin Group

GTFire Phishing Campaign Exploits Google Services to Bypass Detection and Harvest Credentials

GTFire Phishing Scheme Abuses Google Services to Evade Detection and Steal Credentials

Hacked Prayer App Weaponized in Cyber Operations Amid US-Israel Strikes on Iran

Hackers and internet outages hit Iran amid U.S. air strikes

Hackers exploit .arpa domains for sophisticated phishing attacks

Hackers hijack .arpa domain for phishing scams - hosting malicious websites and domains where no one can spot them

Hackers infiltrated Iran's popular prayer app and posted political messages

Hackers Leverage Campaign Platform To Bypass Google Ads Security and Promote Malicious Ads

Hacktivists claim to have hacked Homeland Security to release ICE contract data

Hotel hacker arrested after digital fraud involving paying 1 cent for luxury suites

Hundreds of FreePBX instances infected by web shells exploiting command injection vulnerability

Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity

Identity attacks rise to 67% of incidents

IDMERIT breach: How hackers turn fake news into ransomware

INC Ransomware Breaches Ramet-Trom, LKE Group, Abrams, Denmark High School

Iran-US conflict triggers internet blackout, cyberattacks, and UAE misinformation warning

Iran's cyberwar has begun

Iranian Apps, Websites Hacked Following US-Israeli Strikes

Israel Faced Record Cyber Threats in 2025 as Alerts Surged

Israeli MOSSAD Sophisticated Cyber Attack Against Pakistan Media

Madison Square Garden Data Breach Confirmed Months After Hacker Attack

Maritz Holdings Data Breach Exposes Social Security Numbers

Meta AI in WhatsApp organizes chats and reopens privacy issues

Nephrology Associates Data Breach Exposes Social Security Numbers

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

OAuth redirection abuse enables phishing and malware delivery

OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure

OCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 Infrastructure

OneUptime Command Injection Flaw Enables Full Server Takeover

Pakistan cyber attack targets Indian TV channel ABP News

Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages

Pakistani news channels hacked with pro-Mossad messages

PayPal Loan App Customer Data Breach Results in Unauthorized Transactions and Refunds

Phishing Pages for Zoom and Google Meet Install Teramind Monitoring Tool

PIH Health Discloses Data Breach Exposing SSNs, Health Information, and More

Popular Iranian App BadeSaba was Hacked to Send “Help Is on the Way” Alerts

Protecting the Most Vulnerable: Lessons from Last Year’s Nursery Cyber Attack

Purchase order attachment isn’t a PDF. It’s phishing for your password

Ransomware has changed - and so must public sector organisations

Ransomware Payments Decline 8% as Attacks Surge 50%

Remote-working breaches as phishing fears reach record high

Rhysida Ransomware Attack Hits Southold Police and Senior Services

Rising Network of Teenage Hackers: From Data Theft to Digital Extortion, Cyber Threat Becomes More Serious

Security debt is becoming a governance issue for CISOs

South Korea Tax Office Leaks Cryptocurrency Assets, Critical Failure Leads to Wallet Breach

Study Finds Phishing Scams Are on the Rise, Accelerated by AI

Teramind stealthily spread via Zoom, Google Meet-exploiting phishing schemes

The InterTech Group Data Breach Exposes Social Security Numbers

The Top Ways Attackers Infiltrate Systems Today

This purchase order PDF is fake, malicious, and after your password

Turkcell Superonline Customer Data Breach Exposes PII

UK reduces cyberattack fix times from two months to eight days

UK warns of Iranian cyberattack risks amid Middle-East conflict

Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site

University of Hawaiʻi Cancer Center confirms data leak following ransomware attack

University of Mississippi Medical Center (UMMC) operations return to normal after cyber-attack

University of Mississippi Medical Center phones working after cyberattack

University of Mississippi Medical Center (UMMC) reopens clinics shut down by ransomware attack as recovery progresses

University of Mississippi Medical Center (UMMC) restores phone lines after ransomware attack

University Spine Center Discloses Data Breach to Department of Health and Human Services (HHS)

Unprecedented GitHub hacking spree: “security research” AI bot compromises major repositories from Microsoft, Datadog, and others

Valley Radiology Consultants Medical Group Discloses September Data Breach

Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law

Why encrypted backups may fail in an AI-driven ransomware era

Why enterprise AI agents could become the ultimate insider threat

Your dependencies are 278 days out of date and your pipelines aren’t protected