Data Breaches Intelligence
Confirmed and emerging data breach reports: compromised databases, exposed records, underground marketplace listings, and what the stolen data means for your organization.
Data Breaches — Archive & Latest
Instructure Data Breach: Edtech Security Detection and Response Guide
Educational institutions face PII exposure after Instructure breach. Defenders must act to detect data exfiltration and secure student records.
Instructure Data Breach: Detecting ShinyHunters Exfiltration & LMS Defense
ShinyHunters claims the Instructure breach. Detect data exfiltration and harden your Canvas LMS environment against extortion.
ShinyHunters Breach of ADT: 5.5M Records Exposed — Detection and Defensive Response
ShinyHunters stole PII of 5.5M ADT customers. Defenders must hunt for data exfiltration TTPs and validate web access controls.
Healthcare Data Breach Response: Analyzing Attacks on Florida Physician Specialists & Mile Bluff Medical Center
Recent cyberattacks on Florida Physician Specialists and Mile Bluff Medical Center highlight the urgent need for healthcare-specific defenses.
Alabama Ophthalmology Associates Data Breach: Class Action Settlement and Incident Response Strategies
Healthcare providers face renewed liability risks following the Alabama Ophthalmology Associates breach settlement. Key defensive takeaways for protecting PHI.
UK Biobank Data Breach: Detecting Medical Data Exfiltration and Third-Party Risks
500k UK Biobank records found for sale on Chinese e-commerce. Defenders must audit third-party access and detect large-scale data egress.
ADT Breach: ShinyHunters Legacy Credential Compromise and Data Exfiltration — IR Guide
ADT confirmed a breach exposing customer data after ShinyHunters exploited stolen credentials. Defenders must audit legacy access controls and hunt for mass exfiltration.
Caribbean Medical Center Encryption Incident: Ransomware Detection and IR Playbook
Encryption-based attack on Caribbean Medical Center exposes 92k records. Defend against ransomware with these specific detection rules.
Healthcare Data Breaches: Mindpath Health, Springfield Hospital, and Lone Peak Psychiatry — Detection and Response Framework
Recent breaches at Mindpath Health, Springfield Hospital, and Lone Peak Psychiatry expose PHI vulnerabilities. Immediate defensive actions required.
Substack Platform Breach: Defensive Measures for Account Takeover and Data Exposure
Substack confirmed unauthorized access to user data. Immediate defensive actions required to mitigate account takeover and phishing risks.
Cookeville Regional Breach: Detecting and Containing Encryption-Based Healthcare Ransomware
338K patients impacted by ransomware. Defenders must deploy detection rules for encryption behavior and harden healthcare environments immediately.
Basic-Fit Data Breach: Incident Response and Detection of Mass PII Exfiltration
1M Basic-Fit members exposed. Detect mass data exfil TTPs, audit database access, and secure web applications against unauthorized access.
ProxyCare, Oscar Health, and AccentCare Breaches: Defending Against Healthcare Data Exfiltration
Recent breaches at ProxyCare, Oscar Health, and AccentCare highlight critical PHI exposure risks. Defenders must prioritize access control and exfiltration detection.
Zendesk Support Breach at Hims & Hers: Third-Party Supply Chain Defense
Telehealth provider Hims & Hers exposed PII via compromised Zendesk tickets. Defenders must audit third-party SaaS access and data governance immediately.
How to Defend Healthcare Networks Against Costly Data Breaches and Litigation
Learn defensive strategies to protect PHI and prevent costly settlements like the $3.85M Cardiovascular Consultants breach.
Defending Against Large-Scale Healthcare Data Breaches: Lessons from Nacogdoches Memorial
Mitigate risks of massive data exfiltration in healthcare. Learn detection strategies for unauthorized access and PHI protection.
How to Protect EHR Environments Against Breaches: Lessons from CareCloud
Defend against EHR breaches. Learn critical monitoring, detection rules, and remediation steps to protect patient data.
How to Defend Against Healthcare Data Breaches: Lessons from the OpenLoop Incident
Analyze the OpenLoop Health breach. Learn critical defense strategies and monitoring tactics to secure patient data and telehealth infrastructure.
Defensive Strategies for Rising Healthcare Data Breaches: Lessons from Recent Incidents
Recent breaches at New Horizons and CWA Local 1180 highlight critical vulnerabilities. Learn detection and remediation strategies to protect PHI.
How to Defend Against Third-Party Healthcare Data Breaches
The Deaconess Health breach highlights risks in vendor partnerships. Learn how to strengthen third-party risk management and protect PHI.
Mitigating Insider Threats in Healthcare: Lessons from the NADAP Breach
The NADAP breach exposed 90k records. Learn defensive strategies, monitoring techniques, and remediation steps to protect against insider data exfiltration.
Defending Against Persistent Network Threats in Healthcare: Lessons from NYC Health + Hospitals Breach
Learn how to detect, prevent, and respond to extended network compromises in healthcare environments to protect patient data.
Navia Data Breach Analysis: Fortifying Defenses Against Healthcare Data Exfiltration
Navia's breach exposed 2.7M records. Learn how to detect and prevent healthcare data exfiltration in your environment.
How to Protect Against Rising Healthcare Data Breaches and PHI Exposure
Recent breaches at Cedar Valley Services and Health Dimensions Group highlight the critical need for robust PHI protection and incident response.
Strategies to Prevent Costly Healthcare Data Breaches: Lessons from the $4M Essen Settlement
Learn key defense strategies from the Essen Medical $4M settlement to protect patient data and avoid costly HIPAA breaches.
Healthcare Data Breach Defense: Mitigating Risks After the Delta Medical Systems Incident
Recent breaches at Delta Medical Systems highlight critical gaps in healthcare security. Learn how to detect and defend against data exfiltration.
AiLock Ransomware Strikes England Hockey: Anatomy of a Sports Sector Data Breach
England Hockey investigates a potential data breach after the AiLock ransomware gang listed them on a leak site. Learn about the attack vectors.
Retail Breach Analysis: How Loblaw’s Mass Logouts Reveal the Risk of Credential Stuffing
Loblaw forces mass logouts following a security incident. We analyze the likely credential stuffing attack vectors and how to defend your retail environment.
Starbucks Partner Central Breach: Analyzing the Risks of Employee Portal Attacks
Threat actors accessed Starbucks Partner Central, compromising hundreds of employee accounts. Learn the tactics used and how to secure HR data.
Bell Ambulance Breach Exposes 238k Records: A Call for Hardened Healthcare Defenses
A massive data breach at Bell Ambulance compromised the sensitive data of 238,000 individuals. Discover the technical implications and critical security steps.
Supply Chain Attack Strikes Ericsson: Analyzing the Third-Party Vendor Breach
Ericsson confirms a data breach impacting thousands, traced to a compromised third-party vendor. Explore the risks and mitigation strategies for supply chain attacks.
Supply Chain Attack Hits Ericsson US: Third-Party Vendor Breach Exposes Sensitive Data
Ericsson US confirms a data breach after attackers compromised a third-party service provider, stealing sensitive employee and customer data.
Under Armour Breach: Analyzing the Risks of 72 Million Exposed Records
Under Armour investigates a data breach potentially exposing 72 million records. Learn why PII exposure is dangerous and how to defend your data.
FBI Wiretap Systems Breached: Assessing the Fallout and Securing Critical Infrastructure
The FBI confirms a breach impacting wiretap systems. We analyze the implications for critical infrastructure and the urgent need for modernized defense.
Cognizant TriZetto Breach: Analyzing the MOVEit Supply Chain Attack on Healthcare
3.4 million patients affected. We analyze the TriZetto breach, the MOVEit vulnerability CVE-2023-34362, and provide hunting queries for defenders.
New Zealand Orders Independent Review After Manage My Health Breach Exposes 120k Patients
NZ authorities mandate a security review following the Manage My Health breach, exposing sensitive records of over 120,000 patients.
LexisNexis Confirms Data Breach: Securing the Legal Sector's Crown Jewels
LexisNexis confirms a significant security breach exposing customer data. We analyze the impact on legal data integrity and third-party risks.
Critical Data Breach Exposes 1.2 Million Records at University of Hawaii Cancer Center
1.2 million individuals impacted by a breach at the University of Hawaii Cancer Center. Learn about the risks of PII/PHI exposure and key defense strategies.
Supply Chain Attack Exposes PII of 38 Million ManoMano Customers
A massive supply chain attack at ManoMano exposes the personal data of 38 million users. Learn the risks and mitigation strategies.
Under Armour Investigates Data Breach: 72 Million Records and the Risks of API Exposure
Under Armour investigates a potential breach exposing 72M records. Analysis of PII risks, API security gaps, and detection strategies.
CarGurus Data Breach: 12.4 Million Records Exposed by ShinyHunters
ShinyHunters claims responsibility for a massive leak of 12.4 million CarGurus records. Learn about the attack vectors and how to secure your organization against data extortion.
Wynn Resorts Data Breach: Dissecting the ShinyHunters Extortion Attack and Defense Strategies
Wynn Resorts confirms a massive employee data leak following a ShinyHunters extortion threat. We analyze the attack vectors and provide hunting queries.
New Zealand Health Breach Exposes 120k Records: Critical Lessons in Third-Party Risk
Following the Manage My Health breach affecting 120k patients, New Zealand orders a review. We analyze the risks of third-party vendors in healthcare.
Everest Ransomware Strikes Vanta Diagnostics, Compromising 140k Patient Records
The Everest ransomware group claims responsibility for a breach at Vanta Diagnostics, exposing sensitive data of 140,000 individuals.
Registry Reckoning: Analyzing the French Bank Data Breach and Risks to Financial Infrastructure
1.2 million accounts were compromised in a recent French bank registry breach. We analyze the attack vectors and SOC detection strategies.
Logic Fail: How a PayPal Software Error Exposed SSNs for Six Months
PayPal disclosed a data breach where a software error exposed SSNs via its loan application. We analyze the risks of business logic flaws.
Every Data BreachesReport Includes SIGMA & KQL Detection Rules
Every intelligence briefing on this page includes at least one Sigma rule, a Microsoft Sentinel KQL hunt query, and an IOC check script — ready to drop into your SIEM. No paywall. No registration.