Breach & Build — cybersecurity news

Pillows, promotions, and perilous practices! We uncovered how a mundane coupon can turn into a serious security oversight. Layla Sleep's March 2026...

#Technology #BreachAndBuild #LaylaSleep #CouponSecurity #DataExposure

breachandbuild.com/layla-sleep-coupon-save-...

CareCloud says one EHR environment hit in New Jersey CareCloud says one EHR environment was disrupted for about eight hours as it investigates whether patient data was accessed or exfiltrated.

CareCloud says one EHR environment hit in New Jersey #CareCloud #EHR #UnauthorizedAccess #NewJersey #SEC #DataExposure dysruptionhub.com/carecloud-ehr-outage-new...

Navia Breach Impacts HackerOne Data
Read More: buff.ly/okMMU1I

#ThirdPartyRisk #VendorBreach #HackerOne #EmployeeData #DataExposure #SupplyChainRisk #CyberIncident #Infosec

Dutch Finance Ministry Probes Breach
Read More: buff.ly/Wo9ttJ0

#NetherlandsCyber #GovernmentBreach #MinistryOfFinance #PublicSectorCyber #IncidentResponse #CyberInvestigation #DataExposure #InfosecNews

⚠️ Weak SQL configs silently expose full databases

Over 1.7k MS SQL servers were found publicly accessible with weak or no authentication, enabling attackers to directly query databases, deploy malware, or encrypt data without needing initial exploitation.

#ransomNews #DataExposure #CyberRisk

Telus Digital Faces Scrutiny Following Claims of Large-Scale Data Extraction   Canadian outsourcing and digital services firm Telus Digital has confirmed that it experienced a cybersecurity incident after threat actors alleged they had extracted an enormous volume of data, estimated at nearly one petabyte, over a prolonged period of unauthorized access. Telus Digital operates as the outsourcing and digital solutions division of Telus. The company provides services such as customer support, content moderation, artificial intelligence data operations, and other business process outsourcing functions to organizations around the world. Because firms in this sector often manage customer interactions, billing systems, and internal authentication tools on behalf of multiple clients, they are frequently targeted by attackers aiming to gain access to large datasets through a single compromise. The breach has been linked to a threat group known as ShinyHunters, which claims it obtained a wide range of customer-related data connected to Telus Digital’s outsourcing services, along with call records tied to Telus’ consumer telecommunications operations. Reports about a possible breach had surfaced earlier this year, and inquiries were made to the company at the time, though no response was received then. Telus has now acknowledged the incident, stating that it is investigating what information may have been accessed and which customers could be affected. In its official statement, the company said unauthorized access was identified in a limited number of systems. It added that immediate steps were taken to contain the activity and prevent further intrusion. Telus also stated that its operations remain fully functional, with no evidence of disruption to customer connectivity or services. The company confirmed that external cyber forensics specialists have been engaged and that law enforcement authorities are involved. It further noted that additional safeguards have been implemented and that affected customers will be notified where appropriate. Sources indicated that the attackers attempted to extort the company, but Telus did not engage in communication with them. Attack Method and Data Exposure Claims After learning that the company was not negotiating, the attackers were contacted for further details regarding the incident. According to their claims, the intrusion began with access to Google Cloud Platform credentials that were previously exposed in data linked to the Salesloft Drift breach. In that earlier incident, attackers extracted Salesforce data belonging to approximately 760 organizations, including customer support tickets. These records were then examined to locate credentials, authentication tokens, and other sensitive information, which could be reused to access additional systems. The threat actors stated that they identified credentials associated with Telus within that dataset. These credentials allegedly enabled them to access multiple internal systems, including a large BigQuery data environment. After extracting initial data, they reportedly used the tool trufflehog to scan for further secrets, allowing them to expand their access into additional parts of the company’s infrastructure. The group claims that the total amount of data taken is close to one petabyte, though this figure has not been independently verified. They also shared the names of 28 well-known companies that they allege were affected. However, these claims have not been confirmed, and the identities of those organizations remain undisclosed. The data described by the attackers covers a wide range of business operations. This includes information related to customer support services, call center activities, agent performance metrics, AI-powered support systems, fraud detection mechanisms, and content moderation processes. In addition, they claim to have accessed source code, financial records, Salesforce data, background verification documents, and recordings of customer service calls. The breach is also said to affect Telus’ telecommunications operations, particularly its consumer fixed-line services. The allegedly exposed data includes detailed call logs, voice recordings, and campaign-related information. Samples of these call records reportedly contain timestamps, call durations, originating and receiving numbers, and technical metadata such as call quality indicators. Overall, the nature of the exposed data appears to vary significantly depending on the organization, indicating that multiple business functions across different clients may have been impacted. The attackers stated that they began extortion attempts in February, demanding $65 million in exchange for not releasing the stolen data. The company did not respond to these demands. Telus has indicated that further updates may be provided as its investigation progresses. Who Are ShinyHunters The name ShinyHunters has been associated with various individuals and cyber incidents over time, but the group currently operating under this identity has emerged as one of the more active data extortion actors in recent months. Their operations have largely focused on compromising cloud-based platforms, particularly those connected to enterprise software ecosystems. The group has been linked to incidents involving major organizations such as Google, Cisco, and Match Group, among others. More recently, their tactics have expanded to include voice phishing, or vishing, attacks. In these cases, employees are contacted by individuals posing as IT support staff and are persuaded to reveal login credentials or multi-factor authentication codes through fraudulent websites. The group has also been observed using device code phishing techniques to obtain authentication tokens linked to identity platforms such as Microsoft Entra. Once valid credentials and authentication codes are obtained, attackers can take control of single sign-on accounts and gain access to interconnected enterprise services, including Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, Atlassian, Zendesk, and Dropbox. Security Implications This incident reflects a broader trend in which attackers reuse previously stolen data to launch new intrusions. It also highlights the elevated risk associated with outsourcing providers that centralize sensitive operations for multiple organizations. Cybersecurity experts increasingly note that modern attacks often occur in stages, where one breach creates opportunities for subsequent compromises. As businesses continue to rely on cloud platforms and third-party service providers, the potential scale and impact of such incidents continue to grow. The situation is currently under investigation, and additional verified details are expected as more information surfaces.

Telus Digital Faces Scrutiny Following Claims of Large-Scale Data Extraction #DataBreach #DataExposure #Microsoft365

Bank software vendor Marquis says more than 670,000 impacted by August breach A cyberattack on bank vendor Marquis Software exposed personal and financial information for 672,075 people, with investigators saying hackers copied files from the vendor’s systems after a breach discovered on August 14. Although Marquis initially identified 74 affected financial institutions, aggregated state filings and third-party analyses put the likely victim count...

More than 672,000 individuals affected by August breach at bank software vendor Marquis, with stolen personal and financial data. Initial 74 institutions impacted, potential victims may exceed 1 million. #MarquisBreach #DataExposure #USA

Millions of UK firms on alert after Companies House data exposure - Help Net Security Companies House restored its WebFiling service after fixing a vulnerability that may have exposed the personal data of millions of firms.

Millions of UK firms on alert after Companies House data exposure

🔗 Read more: www.helpnetsecurity.com/2026/03/17/c...

#UK #EU #dataexposure

Starbucks Reports Employee Data Breach
Read More: buff.ly/isVLZvQ

#StarbucksBreach #EmployeeData #AccountCompromise #CorporateSecurity #DataExposure #BreachDisclosure #CyberIncident #InfosecNews

Insightin Health Reports New Data Breach
Read More: buff.ly/4zeniCE

#HealthcareBreach #GoAnywhere #MedusaRansomware #PHIData #InsuranceData #DataExposure #BreachDisclosure #InfosecNews

Ericsson US Confirms Third-Party Breach
Read More: buff.ly/JUAZwD6

#Ericsson #ThirdPartyRisk #VendorBreach #DataExposure #EnterpriseSecurity #SupplyChainRisk #CyberIncident #Infosec

TriZetto Breach Hits 3.4M Patients
Read More: buff.ly/h8tEXPN

#TriZetto #HealthcareBreach #MedicalData #PHIData #DataExposure #CyberIncident #PatientPrivacy #InfosecNews

Colombia Tax Agency Breach May Expose Data
Read More: buff.ly/Ltu1ng0
#ColombiaCyber #DIAN #GovernmentBreach #DataExposure #DarkWebSale #PublicSectorCyber #CyberIncident #InfosecNews

UFP Technologies Confirms Data Breach
Read More: buff.ly/PRuDbmy

#UFPTechnologies #MedicalDeviceSecurity #SECfiling #CorporateBreach #DataExposure #CyberIncident #EnterpriseSecurity #InfosecNews

PayPal disclosed a 6-month PII exposure tied to a software error in its loan app.

SSNs, DOBs & contact data exposed.
~100 users affected.

Follow TechNadu for independent cybersecurity reporting.

#CyberSecurity #DataPrivacy #Fintech #Infosec #DigitalRisk #SecurityCommunity #DataExposure

A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals appear to have not yet exploited.

www.wired.com/story/a-mega...

UpGuard researchers found a publicly exposed database with around 3 billion email/password pairs and 2.7 billion records with Social Security numbers.

#Cybersecurity #DataBreach #Privacy #IdentityTheft #Infosec #DataExposure #DigitalSecurity

Odido Announces Data Breach
Read More: buff.ly/cc0KoxZ

#Odido #NetherlandsCyber #TelecomBreach #CustomerData #DataExposure #BreachDisclosure #CyberIncident #InfosecNews

Flickr Discloses Potential Data Exposure Following Third-Party Email Provider Vulnerability Flickr discloses a potential data breach originating from a third-party vendor, exposing user names, emails, and IP addresses. Learn about the security incident.

Full details:
www.technadu.com/flickr-discl...

Do third-party vendors pose the biggest security risk today? Comment your opinion below.
#DataExposure #CyberSecurity #PrivacyMatters #ThirdPartyRisk

Mexican Government Faces Leak Allegations
Read More: buff.ly/FL0mmLy

#DataLeakClaims #MexicoCyber #Hacktivism #GovernmentData #InformationSecurity #PublicSectorCyber #DataExposure #CyberNews

A researcher disclosed a publicly exposed database containing millions of stolen login credentials collected by infostealer malware.
It shows how quietly credential theft operates and how long data can remain exposed without detection.
#CyberSecurity #DataExposure #InfoSec #DigitalPrivacy #TechNadu

Hackers Steal Student Data In Victoria
Read More: buff.ly/QcF5MLz

#EdTechSecurity #StudentData #AustraliaCyber #EducationIT #PasswordReset #SchoolSecurity #PublicSectorCyber #DataExposure #CyberAwareness

Pax8 confirmed an accidental email that exposed internal business & licensing data affecting MSP partners.
No personal data was involved, but the incident highlights how non-PII business data can still introduce security & trust risks in cloud ecosystems.
#CyberSecurity #CloudSecurity #DataExposure

Pax8 Exposes Data Of 1800 MSP Partners
Read More: buff.ly/KGfXtVk

#Pax8 #MSPSecurity #PartnerDataLeak #DataExposure #MicrosoftLicensing #CloudMarketplace #ThirdPartyRisk #EmailMisconfiguration #DataGovernance

The Change Healthcare #databreach lawsuit is moving forward as Court rejected dismissal attempts signaling progress to hold them accountable for security failures. The rulings focus on alleged inadequate security, delayed notifications, & major
#dataexposure. As you recall almost 200M were impacted

Baker University Data Breach Hits 53,000
Read More: buff.ly/uiLG6zC

#BakerUniversityBreach #EducationSectorBreach #DataExposure #InfosecIncident #PrivacyRisk #BreachNotification #CyberAwareness

Neo AI Browser: How Norton’s AI-Driven Browser Aims to Change Everyday Web Use   Web browsers are increasingly evolving beyond basic internet access, and artificial intelligence is becoming a central part of that shift. Neo, an AI-powered browser developed by Norton, is designed to combine browsing, productivity tools, and security features within a single platform. The browser positions itself as a solution for users seeking efficiency, privacy control, and reduced online distractions. Unlike traditional browsers that rely heavily on cloud-based data processing, Neo stores user information directly on the device. This includes browsing history, AI interactions, and saved preferences. By keeping this data local, the browser allows users to decide what information is retained, synchronized, or removed, addressing growing concerns around data exposure and third-party access. Security is another core component of Neo’s design. The browser integrates threat protection technologies intended to identify and block phishing attempts, malicious websites, and other common online risks. These measures aim to provide a safer browsing environment, particularly for users who frequently navigate unfamiliar or high-risk websites. Neo’s artificial intelligence features are embedded directly into the browsing experience. Users can highlight text on a webpage to receive simplified explanations or short summaries, which may help when reading technical, lengthy, or complex content. The browser also includes writing assistance tools that offer real-time grammar corrections and clarity suggestions, supporting everyday tasks such as emails, reports, and online forms. Beyond text-based tools, Neo includes AI-assisted document handling and image-related features. These functions are designed to support content creation and basic processing tasks without requiring additional software. By consolidating these tools within the browser, Neo aims to reduce the need to switch between multiple applications during routine work. To improve usability, Neo features a built-in ad blocker that limits intrusive advertising. Reducing ads not only minimizes visual distractions but can also improve page loading speeds. This approach aims to provide a smoother and more focused browsing experience for both professional and casual use. Tab management is another area where Neo applies automation. Open tabs are grouped based on content type, helping users manage multiple webpages more efficiently. The browser also remembers frequently visited sites and ongoing tasks, allowing users to resume activity without manually reorganizing their workspace. Customization plays a role in Neo’s appeal. Users can adjust the browser’s appearance, create shortcuts, and modify settings to better match their workflow. Neo also supports integration with external applications, enabling notifications and tool access without leaving the browser interface. Overall, Neo reflects a broader trend toward AI-assisted browsing paired with stronger privacy controls. By combining local data storage, built-in security, productivity-focused AI tools, and performance optimization features, the browser presents an alternative approach to how users interact with the web. Whether it reshapes mainstream browsing habits remains to be seen, but it underlines how AI is steadily redefining everyday digital experiences.

Neo AI Browser: How Norton’s AI-Driven Browser Aims to Change Everyday Web Use #aibrowser #DataExposure #DigitalSecurity

Barts Health NHS Trust Breach Rocks Global Hospital Cybersecurity Assumptions How a Zero-Day in a Widely Used Business Platform Exposed Years of Patient and Staff Data

🏥The breach at Barts Health NHS Trust highlights a rising danger across global hospitals as attackers pivot toward financial & admin systems hidden behind everyday operations ⚠️.
#CyberLens #Cybersecurity #HospitalSecurity #DataExposure #DigitalRisk #HealthcareTech

thecyberlens.com/p/barts-heal...

Data brokers are exposing medical professionals, and turning their personal lives into open files - Help Net Security Healthcare staff face rising data exposure as personal details appear on people search sites, increasing safety risks across medical roles.

Healthcare staff data is being exposed at alarming rates — protecting patients starts with protecting those who care for them. 🩺🔓 #HealthDataSecurity #DataExposure

Code-beautifier tools were found leaking 80k+ JSON pastes containing credentials, keys, tokens, and PII through a public “Recent Links” feature. Automated scanners even hit expired uploads...

#CyberSecurity #AppSec #DataExposure #Infosec #CloudSecurity #TechNadu #ThreatIntel

The Drain of Trust in Online Tools as JSON Formatter Leaks Reveal a Massive Password Exposure Crisis How simple JSON beautifiers and code formatting websites silently harvested credentials for years and what security teams must do now

⚠️Years of quiet data capture from JSON Formatters & code beautifiers have exposed thousands of sensitive credentials. Developers & security teams should rethink the tools they rely on. 🔐
#CyberLens #Cybersecurity #DataExposure #DevSecOps #SecurityNews #OnlineSafety

thecyberlens.com/p/the-drain-...