Telus Digital has confirmed a security incident after the ShinyHunters extortion group claimed to have breached its systems using Google Cloud Platform credentials obtained from a prior third-party data theft. The actor alleges nearly 1 petabyte of internal and customer data was exfiltrated and is demanding a $65 million ransom to…
Category: Cyber Attack
The Lynx ransomware group claims to have breached multiple international organizations and posted proof of compromise on its dark web leak site. Their latest alleged victims include Keller Polska and Lion of Africa Insurance Company Ltd, with exposed internal documents, corporate presentations, client references, company photos and logos, project and machinery…
Oticket reportedly suffered a data breach that exposed a database dump containing records for more than 450,000 users after the data was posted to a cybercrime forum by an unidentified party. The leaked sample allegedly includes full names, email addresses, cell phone numbers, CPF numbers, dates of birth, physical locations, and…
DragonForce claims to have breached Phoenix Environmental Laboratories and exfiltrated 1.62 TB of internal files. The allegedly compromised data includes PII such as SSNs and TINs, dates of birth, residential addresses, driver’s license numbers, internal employee investigation reports, customer financial records, invoices, and accounting contact information #DragonForce #PhoenixEnvironmentalLaboratories…
A threat actor using the handle CVDEAD published a free dataset listing 26,500 publicly accessible IoT devices and 3,000 RTSP camera streams located in Saudi Arabia, encouraging their use as DDoS botnet nodes or anonymizing proxies. The dataset, compiled via active scanning, includes medical devices, routers, camera streaming systems, local servers,…
Threat actor Dreamer8000 claims to have breached Austrian trailer manufacturer HB Brantner and exfiltrated customer data, internal emails, NDAs, vehicle documentation, and confidential drawings and technical files. The actor posted the claim on a forum and linked to a leak blog, warning the exposure could affect HB Brantner’s partners, customers, employees,…
ByteToBreach leaked the full source code of Sweden’s E‑Government platform, claiming it was harvested from a heavily compromised CGI Sverige AB infrastructure. The actor also exposed staff databases, API signing systems, Jenkins SSH pivot credentials, RCE endpoints, and is selling citizen PII and electronic signing documents separately. #ByteToBreach #CGISverige…
Chinese EV charger maker ELECQ confirmed a ransomware attack on its AWS cloud systems on 7 March 2026 that resulted in the theft of customer personal data. ELECQ says financial records and charging devices were not affected, has initiated incident response, notified European regulators, and advised customers to watch for phishing and change their passwords. #ELECQ #AWS
Rusk County, Wisconsin announced on March 11, 2026 that it is investigating a cyberattack on its network and has engaged forensic experts to assess the incident and restore operations. The county’s public website and online payment pages remain accessible through third parties, but officials have not yet identified which systems were affected or confirmed whether personal data was compromised; the county’s domain was previously listed as a potential victim of the Lynx ransomware group in December 2025, though any connection remains unconfirmed. #RuskCounty #Lynx
The City of Herne has proactively taken parts of its IT systems offline, resulting in restricted citizen services. Officials mentioned a possible cyberattack but have not confirmed the cause, and recovery measures are currently under analysis. #CityOfHerne #herne_de
Viking Line has allegedly been breached after an unidentified actor exploited a Local File Inclusion vulnerability in Solr to obtain Tomcat credentials and access the master database. The incident reportedly exposed a full traveler database and a secondary NetAxept payments database containing names, contact details, vehicle registrations, transaction data, and internal…
Cgpey International Private Limited, an Indian fintech platform, was allegedly breached on February 3, 2026, with an unidentified actor claiming to have exfiltrated internal databases. The actor asserts about 26 GB of data and roughly 3.85 million unique records—primarily merchant payment processing logs—were stolen despite the company’s public claim of providing…
Saudi Arabian Oil Group (Aramco) is reported to have had thousands of sensitive employee records exposed after a threat actor published a database on a popular hacking forum. The post claims 68,385 rows of internal workforce data—including national IDs, employee IDs, full names, corporate emails, birthdates, citizenship/residency, broker account numbers, and…
The NightSpire ransomware group claims to have compromised NIXVAL IT Infrastructure, a neutral data center and colocation provider in Valencia, and has listed the company on its extortion portal. The portal shows a “TIME UP” deadline and currently states “Data is not available now,” with specific details about the compromised information…
The Qilin ransomware group claims to have breached Fortress Systems and Arimex Importadora, posting a list of alleged victims and stolen data. Reported exfiltrated materials include financial spreadsheets, bank statements (including NAB and Banco Comafi), consolidated financial statements, loan records, invoices, and SGS technical test reports. #Qilin #FortressSystems #ArimexImportadora…