Data breaches, leaks, incidents
Breaches
Ireland's DPC has fined the HSE €300,000 over a 2018 ransomware attack on a hospital lab system that encrypted diagnostic data belonging to 84,000 patients - the fine took eight years to land.
Breaches
ShinyHunters has listed Ralph Lauren on its leak site, claiming 220GB of customer PII, transaction records and unreleased 2027 product designs. The posting sets a June 14 leak deadline and is framed as a final warning. Ralph Lauren has not confirmed a breach.
Breaches
ServiceNow has quietly warned customers that attackers exploited an unauthenticated API endpoint to query data from customer instances. A June 5 update locked the endpoint to authenticated users only. Admins point to /api/now/related_list_edit set to requires_authentication=false.
Breaches
A False Claims Act lawsuit originally filed under seal in 2020 has been unsealed after the federal government declined to join as co-plaintiff, revealing explosive allegations from IBM's former Vice President of Threat Intelligence that both IBM and AT&T systematically concealed nation-state hacking incidents
Breaches
Meta has disclosed that over 20,000 Instagram accounts were hijacked after attackers exploited a vulnerability in the company's AI-powered High Touch Support (HTS) system — an account recovery tool designed to help users regain access after being locked out. The flaw allowed unauthorized password resets without verifying
Breaches
GitHub has confirmed that approximately 3,800 internal repositories were compromised after a TeamPCP supply chain attack that began with a single employee installing a poisoned Visual Studio Code extension. The breach was announced on Tuesday after TeamPCP posted claims on an underground forum offering GitHub's stolen source
Breaches
Grafana Labs has confirmed a data breach after attackers used a compromised token to access the company's GitHub environment and download its entire codebase. The open source visualization and analytics platform disclosed the incident on Sunday, two days after cybercrime group Coinbase Cartel listed Grafana on its leak
Breaches
West Pharmaceutical Services, a Pennsylvania-based pharmaceutical manufacturing giant, has confirmed a ransomware attack that disrupted operations across its global footprint after attackers exfiltrated data and deployed file-encrypting ransomware. The attack occurred on May 4 and prompted the company to proactively shut down and isolate affected on-premise infrastructure.
Breaches
Instructure, the company behind Canvas LMS — used by over 30 million educators and students across more than 8,000 institutions worldwide — has confirmed it reached a financial agreement with the ShinyHunters extortion group to prevent the release of stolen data from a recent breach. The company stated that ShinyHunters returned
Breaches
Angelo Martino, a 41-year-old former ransomware negotiator at cybersecurity incident response firm DigitalMint, has pleaded guilty to targeting U.S. companies with BlackCat (ALPHV) ransomware while simultaneously working as a negotiator supposedly helping victims resolve attacks. Martino is the third defendant to plead guilty in a case that
Breaches
Tyler Robert Buchanan, a 24-year-old from Dundee, Scotland, has pleaded guilty in a California federal court to conspiracy to commit wire fraud and aggravated identity theft for his role in a hacking operation that breached at least twelve companies and stole $8 million in cryptocurrency from individual victims
Breaches
A threat actor has breached Vercel's developer infrastructure through an identity supply chain attack that bypassed multi-factor authentication entirely — without stealing a single credential. The compromise, disclosed in April 2026, exploited a breached third-party OAuth integration to inherit valid Google Workspace sessions belonging to Vercel developers,