Latest News: Data Breaches

Over the course of a year, vpnMentor deployed a honeypot of open servers containing fake personal data to lure outside actors, analyze their behavior, and record what happens once a server is left open without encryption or other safeguards. This gave us near-real-time data on hackers' activity,

The UK Electoral Commission has disclosed a massive cybersecurity breach that exposed the personal data of an estimated 40 million UK voters. The breach, which began in August 2021, remained undetected until October 2022. The compromised data includes full names, email addresses, home addresses,

On Friday, the Colorado Department of Higher Education (CDHE) made an announcement regarding a data breach. The department detected this breach on June 19th and have since been collaborating with external specialists to manage the situation. Those impacted include people who attended public higher

Hackers exploiting a vulnerability in the corporate file transfer tool MOVEit Transfer have stolen protected health information belonging to Oregon citizens. The hackers accessed sensitive patient data, including names, birthdates, Social Security numbers, email and mailing addresses, and member

JumpCloud, a US-based identity and access management firm, recently made a disclosure regarding unauthorized access to its systems by a North Korean nation-state actor. The breach occurred a month ago and involved a spear-phishing attack against a targeted group of customers. The incident was

Cl0p, the Russian cybercrime group responsible for the recent MOVEit hack, has continued to add to its list of alleged victims. Several new entities have been added, including public and private companies, state and local governments, universities, and other organizations. As part of its malicious

Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained approximately 2.3 million records. Upon further investigation, it became clear that these records were associated with multiple dating applications contained in a

HCA, a prominent US healthcare company, has recently announced an alarming data breach that may have affected approximately 11 million patients. The disclosure followed an incident where a cybercriminal posted a message on a well-known cybercrime forum asserting possession of the pilfered data and

Last week, a notorious group of cyber criminals, known as ALPHV or BlackCat, made an announcement on their website declaring their successful acquisition of 70 terabytes of internal documents from the Barts Health NHS Trust. The predominantly Russian-speaking gang has issued a serious ultimatum,

The research team at Niebezpiecznik (a Polish security blog) uncovered the hack that stole messages, call logs, and locations intercepted by a widely used phone monitoring app. LetMeSpy published a notice stating that the incident occurred on June 21, and “as a result of the attack, the