Hacker News with Generative AI: Data Breaches

A trove of leaked Black Basta logs expose the ransomware gang's members, victims (techcrunch.com)
A trove of chat logs allegedly belonging to the Black Basta ransomware group has leaked online, exposing key members of the prolific Russia-linked gang.
Have I Been Pwned likely to ban resellers from buying subs (theregister.com)
Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.
"Largest data breach in US history": Three more lawsuits try to stop DOGE (arstechnica.com)
The US DOGE Service's access to the private data of ordinary Americans and federal employees is being challenged in several lawsuits filed this week.
Hackers leak cop manuals for departments after breaching major provider (dailydot.com)
Hackers leaked thousands of files from Lexipol, a Texas-based company that develops policy manuals, training bulletins, and consulting services for first responders.
Coordinates of Smartphones Feared Stolen (theregister.com)
Gravy Analytics has been sued yet again for allegedly failing to safeguard its vast stores of personal data, which are now feared stolen. And by personal data we mean information including the locations of tens of millions of smartphones, coordinates of which were ultimately harvested from installed apps.
Brian Krebs with some background on the story about Edward Coristine (infosec.exchange)
Okta Bcrypt incident lessons for designing better APIs (n0rdy.foo)
Hello there! If you follow tech news, you might have heard about the Okta security incident that was reported on 1st of November. The TLDR of the incident was this:
Health Data of 1M Americans Stolen by Hackers (newsweek.com)
A Connecticut-based healthcare provider has confirmed that a hacker was able to access the sensitive data of more than a million patients.
Medical billing firm Medusind discloses breach affecting 360k people (bleepingcomputer.com)
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023.
Exposed DeepSeek database leaking sensitive information, including chat history (wiz.io)
Wiz Research has identified a publicly accessible ClickHouse database belonging to DeepSeek, which allows full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information. The Wiz Research team immediately and responsibly disclosed the issue to DeepSeek, which promptly secured the exposure.
Web Analytics Accidentally Collecting Passwords (freshpaint.io)
DeepSeek hit with large-scale cyberattack, says it's limiting registrations (cnbc.com)
Hacker infects 18,000 "script kiddies" with fake malware builder (bleepingcomputer.com)
A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers.
British Museum forced to partly close after alleged IT attack by former employee (theguardian.com)
The British Museum was forced to partly close on Friday after its IT infrastructure was allegedly attacked by a former employee.
Crunchyroll Premium Login Details Leaked; Users at High Risk (animehunch.com)
On Jan 23, 2025, an account on X published a list of login details for multiple Crunchyroll Premium accounts.
Data breach hitting PowerSchool looks bad (arstechnica.com)
Schools are now notifying families their data has been stolen.
PowerSchool hacker claims they stole data of 62M students (bleepingcomputer.com)
The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of 62.4 million students and 9.5 million teachers.
Feds worry AT&T breach could out informants (scworld.com)
The FBI is reportedly in a panic over a possible leak of informant data thanks to an AT&T data breach.
Pat-Tastrophe: Leaked GitHub Token Could Cripple Virtuals' $4.6B AI & Crypto Empire (shlomie.uk)
A single AI agent in the cryptocurrency space has a market cap of $641M at the time of writing. It has 386,000 Twitter followers. When it tweets market predictions, people listen - because it's right 83% of the time.
Private Keys in the Fortigate Leak (hboeck.de)
A few days ago, a download link for a leak of configuration files for Fortigate/Fortinet devices was posted on an Internet forum.
UnitedHealth hid its Change Healthcare data breach notice for months (techcrunch.com)
Change Healthcare, the UnitedHealth-owned health tech company that lost more than 100 million people’s sensitive health data in a ransomware attack last year, said on Tuesday that the company has “substantially” completed notifying affected individuals about the massive data breach.
Hackers Claim Breach of Location Data Giant, Threaten to Leak Data (404media.co)
Hackers claim to have compromised Gravy Analytics, the parent company of Venntel, which has sold masses of smartphone location data to the U.S. government. The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show people’s precise movements, and they are threatening to publish the data publicly.
MyGiftCardSupply exposed hundreds of thousands of people's identity documents (techcrunch.com)
A U.S. online gift card store has secured an online storage server that was publicly exposing hundreds of thousands of customer government-issued identity documents to the internet.
US Treasury Department breached through remote support platform (bleepingcomputer.com)
Hackers hijacked legitimate Chrome extensions to try to steal data (theverge.com)
A cyberattack campaign inserted malicious code into multiple Chrome browser extensions as far back as mid-December, Reuters reported yesterday.
Volkswagen Data Leak Exposed 800k EV Owners' Movements (carscoops.com)
Many people worry about hackers stealing their personal data, but sometimes, the worst breaches come not from shadowy cybercriminals but straight from the companies we trust. According to a new report from Germany, the VW Group stored sensitive information for 800,000 electric vehicles from various brands on a poorly secured Amazon cloud—essentially leaving the digital door wide open for anyone to waltz in. And not just briefly, but for months on end.
Cybersecurity firm's Chrome extension hijacked to steal users' data (bleepingcomputer.com)
At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users.
VW breach exposes location of 800k electric vehicles (cyberinsider.com)
A massive data leak involving over 800,000 Volkswagen electric vehicles (EVs) has left sensitive user information, including location data and personal contact details, unprotected on the internet.
Help me find a blogpost I saw here once (ycombinator.com)
Within the past 2 years. It was specifically about correlating information obtained from dumps of breached websites to identify users and take advantage of password reuse to hack accounts.