Data Breaches Digest - Week 14 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th March and 5th April 2026.

31st March - World Backup Day

The 10 Cybersecurity Trends and Terrors of 2026

World Backup Day warnings over ransomware resilience gaps

30th March

3 red flags that job posting is a scam - and how to verify safely

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow

22,000 people identified in Apex, North Carolina ransomware case

Abacel SA Data Breach Exposes Over 500,000 User Records

Acme Truck Line Data Breach Exposes Sensitive Info Including SSNs and Financial Accounts

AI-driven phishing can adapt, learn, and strike without human input

AI-Powered Phishing Campaign Compromises Hundreds of Organizations

Ajax silenced hacker who found 2017 data breach

Alleged Feníe Energía Data Breach May Have Exposed 1.7 Million Customer Records

Alp-001 Ransomware Hits KOB, Knewin, Kyocera, Lacor & Polsat

Apple adds macOS Terminal warning to block ClickFix attacks

Apple will hide your email address from apps and websites, but not cops

Aroostook Mental Health Services (AMHC) Ransomware Attack Affects Operations: Compromised Data Currently Unknown

California woman files class action lawsuit against Nike after data breach

Clickrent.es Suffers Alleged 2.5 Million Record Data Breach

Co-Op Chief Steps Down As Hack Leads To £125 million Loss

Critical Citrix NetScaler Vulnerability Exploited in the Wild

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

Critical Fortinet FortiClient EMS flaw now exploited in attacks

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600 Million

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

Doctor.com Ransomware Attack: Qilin Claims 205GB Data Breach

Don’t count on government guidance after a smart home breach

Email burnout is increasing phishing and fraud risks for small businesses. What you need to know

Enterprises and SMEs Data Recovery Problem: Make Data Resilience Your Superpower

EU investigates cyber attack targeting Commission websites

European Commission Confirms Cloud Data Breach

European Commission confirms data breach after attack on cloud infrastructure

European Commission confirms data breach after Europa.eu hack

European Commission confirms data breach as ShinyHunters group claims responsibility

European Commission Confirms Data Breach, ShinyHunters Claim Credit

European Commission confirms platform data breach - admits 'data has been taken' from official websites

European Commission data breach via ShinyHunters Cyber Attack

European Commission downplays ShinyHunters cyberattack impact

European Commission responds to cyber-attack on its Europa web platform

Exitium Ransomware Attack Hits IKRON and Ming Hwei Energy

Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens

FIFA World Cup 2026: A Match Between Fans and Scammers

Glass Manufacturer Reaches Preliminary Settlement Over 2023 Data Breach

Hacker Claim Huge Breach of China’s Most Secure Supercomputer

Hackers Circle Citrix NetScaler Flaw Within Hours of Disclosure

Hackers demand ransom in Stats SA data breach

Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

Healthcare IT Platform CareCloud Probing Potential Data Breach

Healthcare software firm CareCloud informs Securities and Exchange Commission (SEC) of potential patient data leak

How businesses can defend themselves against the rise of ‘phishing as a service’

How Does The EU Data Breach Impact The UK?

Inc Ransomware Breaches Conveyors, Inc. and Greenology Products

Income Property Management (IPM) Data Breach Exposes Social Security Numbers and Other Personal Info

Information Commissioner’s Office (ICO) Fines UK Nuisance Call Scammers £100,000

Iran-Linked Hackers Breach FBI Director Kash Patel’s Email, Leak Messages Online

It looks bad: inside ShinyHunters’ European Commission data breach

Italian regulator fines financial giant $36 million for data protection failures

Italy: Data Protection Authority fines Intesa Sanpaolo €31.8 million for data breach

Italy Data Protection Agency Fines Intesa Sanpaolo $36 Million Over Data Breach

Jackson County Sheriff’s Office rebuilding from "Ground Zero" after ransomware attack

LakeMonster Data Breach Exposes Over 60,000 User Records

Liberty data breach underscores urgent need for corporate cybersecurity overhaul

Louis Vuitton hit with another class action in Salesforce-related data breach

Major phishing campaign on GitHub using fake security alerts

Millions of UK iPhone users locked into “child by default” mode in age verification debacle

OpenAI Codex Vulnerability Exposes GitHub Credentials via Command Injection

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

Phishing ZIP Files Deliver PXA Stealer To Financial Sector Targets

Portal Agenda Data Breach Impacts 350,000 Records

Pro-Iranian Hacker Challenges US Security, FBI Boss's Personal Email Hacked

Quantum vs classical AI: Traditional models still lead in phishing detection

Researchers warn that macOS users face browser credential-stealing attack

Rogers, Fido customer info accessed in data breach

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

Russian court sentences notorious card fraud ringleader ‘Flint’ and 25 associates

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Second data breach at European Commission this year leaves open questions over resilience

Smart Homes Are Getting Smarter - But Post-Breach Guidance Is Falling Behind

South Africa: Stats SA confirms data breach as hackers demand R1.7 million ransom

South Africa: Stats SA confirms data breach, hackers demand R1.7 million ransom

South Africa: Stats SA confirms data breach, hackers demand ransom

South Africa: Stats SA Hit by Cyberattack: Hackers Demand R1.7 Million Ransom for 154GB of Stolen Data

South Africa: Stats SA hit by ransomware attack

South Korea: Baemin Apologizes for Data Breach by Undercover Criminal at Outsourced Call Center

South Korea: Lawmaker Proposes Bill to Combat SNS Phishing From Abroad

Southampton School Closed For Days Following Hack

State Department reissues $10 million reward for info on Iranian hackers

Statistics South Africa (Stats SA) confirms HR database hacked

Statistics South Africa (Stats SA) Data Breach Raises Security Concerns

Statistics South Africa (Stats SA) Hit by Ransomware Attack, Hackers Claim Theft of 450,000 Files

Statistics South Africa (Stats SA) suffers ransomware attack exposing jobseekers’ personal data

Steakhouse Financial Alerts Users of Active Phishing Attack

Steakhouse Financial front-end breach exposes users to phishing scam

Sterling Seacrest Pritchard: 7,420 Affected by Breach

TeamPCP Uses Fake Ringtone File in Tainted Telnyx SDK to Steal Credentials

TeamPCP’s attack spree slows, but threat escalates with ransomware pivot

The Phone Call is the New Phishing Email

This ChatGPT flaw could send confidential info to attackers with just one prompt

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

Ukraine Inclusive Resource Center Suffers Data Breach

Voice Phishing Statistics 2026: Startling Data

Why risk alone doesn’t get you to yes

Woodfords Data Breach Exposes PII and PHI of 8,073 Individuals

Woodfords Family Services Notifies Patients Affected by April 2024 Ransomware Attack

Zero-click vulnerability afflicts Telegram, allows full device takeover through animated stickers