Assuréa, a French insurance broker within the Meilleurtaux group, has allegedly been compromised, resulting in a 150GB data dump reportedly being offered for sale for €20,000. The leak allegedly includes records from 2018–2026 with personal and insurance-related data affecting brokers and partner insurers. #Assuréa #Meilleurtaux…
Category: Cyber Attack
Threat actor xNov leaked a database from Moroccan biomedical school SUPTECH SANTE, exposing 231 student dossiers and advertising 500+ additional dossiers for sale. The records include national ID numbers (CIN) with ID card photos, diploma scans, Massar codes, and contact details, creating heightened risk of identity theft and fraudulent credentialing in…
Threat actors EvilDump, ExtaseHunters, and Breach3d claim to have breached ANTS (Agence Nationale des Titres Securises / France Titres) and are listing a database of 18 million citizen records for sale. The dataset reportedly contains government-verified identity flags (“certifie: true”), full legal names, contact details, birth and address data, and internal…
PalachPro is a solo Russian hacker with APT-level capabilities who exfiltrated classified Kongsberg documents and conducted espionage, DDoS, and tracking operations against Ukrainian military, NATO-aligned contractors, and Western infrastructure. His tools (SHADOWSNIFF, SALATSTEALER) and UAC-0252 designation have been documented by multiple intelligence firms, and data from his breaches was allegedly used…
Booking.com suffered a major data breach that exposed user profiles and reservation details, prompting the company to enforce a mandatory reset of booking PIN codes for affected customers. Users who receive an official notice from [email protected] should consider their account compromised and must verify communications carefully to avoid sophisticated phone scams…
Lamashtu claims to have breached multiple organizations across Spain, Singapore, Malaysia, Italy, the United States, France and Sweden, publishing a list of alleged victims in sectors including accounting, hospitality, healthcare, manufacturing, engineering and legal services. The actor alleges exfiltration of national ID documents and passports, medical records and DICOM imaging files,…
Ginlong (Solis), the world’s third-largest photovoltaic inverter manufacturer, is reported to have been compromised and suffered an unauthorized exposure of extensive telemetry and operational data. The allegedly leaked dataset appears to originate from the SolisCloud monitoring platform and includes plant IDs and locations, owner details, alarm logs, inverter specifications, performance metrics,…
Threat actor nxe is offering 70 GB of export-controlled technical data allegedly stolen from SEKISUI Aerospace, including engineering drawings, STEP/CAD files, BOMs, and production tooling for Boeing 737 MAX and 787 assemblies, for $200,000. The package is labeled “EXPORT CONTROLLED: EAR 9E991 / ITAR,” making its public sale a potential violation…
Threat actor lulzintel published the full PrestaShop database of Polish eco-retailer VegeHome (vegehome.pl), exposing data for over 100,000 customers in April 2026. Leaked fields include names, emails, hashed passwords, password reset tokens, secure keys, company identifiers (SIRET/AP E), payment terms, and internal mail records, creating high risk of account takeover and…
A threat actor calling themselves bytetobreach claims to have breached VUMI Group, an international health and life insurer, exfiltrating data over six days. The actor says roughly 300,000 policyholders and 25,000+ staff, partners, and agents were exposed, including SSNs, passport scans, W-9 forms, and full PII, with the data shared via…
The City of Anthony, New Mexico is investigating a cybersecurity incident after public records went missing and several systems became inaccessible during the transition to Mayor Gabriel Holguin’s administration. State officials are examining data integrity and access controls after police devices were reportedly erased and communication irregularities were observed #CityOfAnthony #GabrielHolguin
Straumann reported that a legacy system used for internal control processes between 2021 and 2024 was subject to an exposure of internal documents. Cybersecurity experts isolated the incident and authorities were informed, with the company stating that business operations and client systems were not affected. #Straumann #legacy-system
The DragonForce ransomware group claims to have breached multiple international organizations and posted them on its public leak site. Alleged victims include RUDOLF Medical GmbH + Co. KG, Lift AG, Travel of America, The Eldorado Trading Group (EDTG), Sistemi Gestione Integrata, and Affordable Oil, with exposed data ranging from internal documents…
The Coinbasecartel ransomware group claims it breached several major U.S. retail organizations, posting an alleged victim list that includes Carters, Ralph Lauren, and Helzberg. The actor says the compromise exposed full supply chain data for Carters and Ralph Lauren and 33GB of supply chain data from Helzberg. #Coinbasecartel #Carters #RalphLauren #Helzberg…
The Hydrological Information Management System (HIMS), run by the Bangladesh Water Development Board (BWDB) and supporting the Flood Forecasting and Warning Center (FFWC), appears to have been compromised with access and data allegedly offered for sale for $100. The data reportedly includes river levels, groundwater, rainfall, real-time flood alerts, historical hydrological…