Data Breaches

Eric Neugeboren reports: Nevada’s IT agency has rolled out a new policy aimed at standardizing the privacy of state data, months after a massive cyberattack crippled certain systems for weeks. The policy announced Wednesday from the Governor’s Technology Office marks the first time the state will have clear-cut categories for data sensitivity. Officials said this will allow… Source

itv reports: Guernsey’s Data Protection Authority (ODPA) has sanctioned First Contact Health after it failed to implement sufficient security measures to prevent a phishing attack. The cybersecurity breach saw fraudsters successfully target an employee’s email account, gaining access to confidential health data at the medical practice. First Contact Health became aware and reported the data breach… Source

Abby Sourwine reports: Ransomware attacks against schools and universities held relatively steady in 2025, but the scale of data exposure rose sharply, driven in part by third-party software vulnerabilities and a handful of outsized higher education breaches. According to U.K.-based technology research company Comparitech’s latest education ransomware roundup, ransomware gangs globally claimed 251 attacks on educational… Source

Reza abasi notes that there is a new forum called the “Kurd Hacker Forum” that focuses on databreaches in Iran, Syria, and Turkey. The domain was registered January 28, 2026. The forum, which is on the clear net, looks like it has the same format as the classic BreachForums, with the same types of sections… Source

Zack Whittaker reports: Dutch phone company Odido has confirmed a data breach affected millions of its customers. The company said in a statement Thursday that unidentified hackers gained access to its customer contact system and covertly downloaded reams of customer information. A spokesperson for Odido told local Dutch media that the breach affects more than 6.2 million customers, or… Source

Their headline was, “Attor­ney Gen­er­al Ken Pax­ton Demands Infor­ma­tion from Blue Cross Blue Shield of Texas and Con­duent as Part of Inves­ti­ga­tion into Largest Data Breach in U.S. History,” but that seemed terribly wrong. Is Texas Attorney General Ken Paxton using AI as for his research?  “Largest Data Breach in U.S. History?” Doesn’t he remember… Source

Heekyong Yang and Hyunjoo Jin report:  South Korean officials blamed a massive data leak last year at Coupang on management failure, rather than a sophisticated cyberattack, and urged the e-commerce giant to fix vulnerabilities in its security systems. Announcing the first findings of a government-led probe, the Science Ministry said on Tuesday a former Coupang… Source

The South Korean regulator has imposed fines on three LVMH luxury brands in the wake of data breaches previously reported on this site. A machine translation of the South Korean notice indicates that the Personal Information Protection Commission imposed fines of  36.033 billion won USD $24,925,824.15 and penalties of 10.8 million won $7,472.78. on three luxury… Source

Erin Schilling and Erin Slowey report: The IRS’ improper disclosure of thousands of immigrants’ personal information to the Department of Homeland Security fulfilled early warnings that the data-sharing deal between the agencies would put taxpayer data at risk. The IRS and DHS in April 2025 agreed to share data of immigrants to help with criminal… Source

DataBreaches is not on TikTok and, being something of a dinosaur, never heard of “Josh and Jase” before. But no patient should have their privacy violated the ways Josh’s was. What happened to “break the glass?” What happened to all the software and auditing protections to prevent hospital employees from snooping on celebrity patients’ records?… Source