#Dataleak

Latest posts tagged with #Dataleak on Bluesky

Data breach on French mental health platform Therapeutes exposes 71,502 patient records and 199,697 therapy appointments. Leaked data includes consultation details, reasons for visits, emails, and phone numbers. #DataLeak #MentalHealth #France

French FICOBA Breach Exposes 1.2M Bank Accounts

A major cyberattack struck France's national bank account registry, FICOBA, exposing sensitive data from over 1.2 million accounts. The breach occurred in late January 2026 when hackers stole login credentials from a civil servant and impersonated an authorized user to access the database. This incident highlights vulnerabilities in government systems handling financial records.

FICOBA serves as France's central repository for all bank accounts opened in domestic institutions, storing identifiers like RIB and IBAN numbers, holder names, and postal addresses. Attackers extracted this information but could not access balances or perform transactions, according to officials. The French Ministry of Finance confirmed tax IDs were not compromised, though early reports varied.

Authorities detected the intrusion swiftly, immediately restricting access and taking the database offline temporarily. It was restored with enhanced security measures after collaboration with the National Cybersecurity Agency (ANSSI). A formal complaint was filed with the National Commission for Information Technology and Civil Liberties (CNIL), and notifications are underway to affected individuals and banks.

The exposure raises alarms for phishing scams and SEPA direct debit fraud, with banks already noting increased suspicious SMS and emails. Criminals could exploit IBANs and personal details for identity theft or unauthorized payments. French tax authorities warn they never request banking info via unsolicited messages.

Safety recommendations

To protect yourself post-breach, monitor bank statements daily for unauthorized activity and enable transaction alerts. Change passwords on financial accounts, using unique strong ones via a password manager, and activate multi-factor authentication (MFA) everywhere possible. Avoid clicking links in unsolicited emails or texts claiming breach notifications—contact your bank directly through official apps or sites. Further, freeze credit reports if available in your country to block new accounts in your name, and consider credit monitoring services. Report suspicious activity to your bank and local cyber police immediately. Regularly update software and use antivirus tools to prevent credential theft, emphasizing least-privilege access in organizations. These steps minimize risks from exposed data like in the FICOBA incident.

French FICOBA Breach Exposes 1.2M Bank Accounts #CyberAttacks #DataLeak #FICOBA

Full Source Code of Sweden's E-Government Platform Leaked From Compromised CGI Sverige Infrastructure ByteToBreach leaked the full source code of Sweden's E‑Government platform, claiming it was harvested from a heavily compromised CGI Sverige AB infrastructure. The actor also exposed staff databases, API signing systems, Jenkins SSH pivot credentials, RCE endpoints, and is selling citizen PII and electronic signing documents separately. #ByteToBreach #CGISverige...

ByteToBreach leaked the full source code of Sweden’s E-Government platform from a compromised CGI Sverige AB infrastructure. Exposed data includes staff databases, API signing systems, Jenkins SSH credentials, and RCE endpoints. #Sweden #DataLeak

Google API Keys Expose Gemini AI Data via Leaked Credentials

Google API keys, once considered harmless when embedded in public websites for services like Maps or YouTube, have turned into a serious security risk following the integration of Google's Gemini AI assistant. Security researchers at Truffle Security uncovered this issue, revealing that nearly 3,000 live API keys—prefixed with "AIza"—are exposed in client-side JavaScript code across popular sites.

Truffle Security's scan of the November 2025 Common Crawl dataset, which captures snapshots of major websites, identified 2,863 active keys from diverse sectors including finance, security firms, and even Google's own infrastructure. These keys, deployed sometimes years ago (one traced back to February 2023), were originally safe as mere billing identifiers but gained unauthorized access to Gemini endpoints without developers' knowledge. Attackers can simply copy a key from page source, authenticate to Gemini, and extract sensitive data like uploaded files, cached contexts, or datasets via simple prompts.

The danger extends beyond data theft to massive financial abuse, as Gemini API calls consume tokens that rack up charges—potentially thousands of dollars daily per compromised account, depending on the model and context window. Truffle Security demonstrated this by querying the /models endpoint with exposed keys, confirming access to private Gemini features. One reported case highlighted an $82,314 bill from a stolen key, underscoring the real-world impact.

Google acknowledged the flaw as "single-service privilege escalation" after Truffle's disclosure on November 21, 2025, and implemented fixes by January 2026, including blocking leaked keys from Gemini access, defaulting new AI Studio keys to Gemini-only scope, and sending proactive leak notifications. Despite these measures, the "retroactive privilege expansion" caught many off-guard, as enabling Gemini in projects silently empowered old keys.

Developers must immediately audit Google Cloud projects for Gemini API enablement, rotate all exposed keys, and restrict scopes to essentials—avoiding the default "unrestricted" setting. Tools like TruffleHog can scan code repositories for leaks, while regular monitoring prevents future exposures in an era where AI services amplify API risks. This incident highlights the need for vigilance as cloud features evolve.

Google API Keys Expose Gemini AI Data via Leaked Credentials #APIKeys #DataBreach #DataLeak

Lloyds, Bank of Scotland and Halifax apps showed customers other users' transactions The Lloyds Banking Group customers reported being able to view payments and charges from other sources.

Lloyds, Bank of Scotland and Halifax apps showed customers other users' transactions
www.bbc.co.uk/news/article...

Glitch meant they were able to view charges and payments made by other people.
#CyberSecurity #DataLeak #DataProtection #LloydsBankingGroup #OnlineBanking

Bell Ambulance data breach impacted over 238,000 people Nearly 238,000 individuals were impacted by a February 2025 data breach at U.S.-based emergency medical services provider Bell Ambulance, which exposed names, Social Security numbers, birth dates, driver’s licenses, financial, medical, and health insurance information. The Medusa ransomware group claimed responsibility, leaked over 219 GB of allegedly stolen data, and Bell...

Bell Ambulance suffered a data breach affecting over 238,000 individuals, exposing sensitive personal and financial info. The Medusa ransomware group claimed responsibility and leaked 219 GB of data. #DataLeak #BellAmbulance #USA


1 billion identity records exposed in a massive ID verification data leak. Cybernews points to IDMerit, raising serious questions about KYC security. What happened?

thepixelspulse.com/posts/id-verification-da...

#dataleak #cybersecurity #identitytheft

Viking Line Ferries Allegedly Breached With Full Passenger Database and Payment Data Leaked A threat actor calling themselves bytetobreach claims to have breached Viking Line and published a full passenger database including vehicle registration plates and system credentials. They also published a correlated NetAxept payment dataset tying passengers to onboard transactions and detailed an attack chain exploiting a 2021 Solr LFI to obtain Tomcat...

Viking Line reportedly breached by threat actor bytetobreach, leaking full passenger database with vehicle plates and payment data linked to onboard transactions. Exploit traced to 2021 Solr LFI and Tomcat creds leak. #Finland #DataLeak

The Edward Snowden Leaks - Negative PID In May 2013, a group of journalists at The Guardian started receiving classified information through encrypted channels from an anonymous source. On June 5,

The Edward Snowden Leaks

negativepid.blog/the...

#EdwardSnowden #dataLeak #dataBreaches #hackers #dataSecurity #dataPrivacy #compliance #governance #Europe #US #dataRegulations #privacy #onlinePrivacy #negativepid


#ageverification #idverification #dataleak

ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid.

The #ShinyHunters hacking group has issued a warning to nearly 400 organizations, threatening to leak stolen #Salesforce portal data unless ransom demands are met.

Read hackread.com/shinyhunters...

#CyberSecurity #DataBreach #CyberAttack #DataLeak

Hospital Universitario Del Valle Data Breach Exposes Medical Records Hospital Universitario Del Valle (HUV) in Cali, Colombia has allegedly been breached and a threat actor claims to have exfiltrated approximately 25 GB (264,454 lines) of highly sensitive patient and medical records. The actor is reportedly attempting to sell the database for $500 on a cybercrime forum, exposing identifiers, clinical lab...

A data breach at Hospital Universitario Del Valle in Cali, Colombia exposes 25 GB of sensitive patient records, including identifiers, lab results, and radiographs. Database reportedly for sale at $500. #DataLeak #MedicalRecords #Colombia


HungerRush Breach Exposes 28M Users
Read More: buff.ly/uUSxhAx

#HungerRush #POSsecurity #CustomerData #DataLeak #RestaurantTech #CybercrimeForum #MassDataExposure #InfosecAlert


Thinking of buying Meta Glasses? Your recorded footage could accidentally be made public on Facebook or Instagram. Understand the privacy risks before you start recording.

#MetaGlasses #PrivacyAlert #SmartGlasses #TechSafety #DataLeak

www.hypefresh.com/meta-glasses...


this is such a mess. location data is a huge target, always has been. it really shows how "anonymized" is a joke. keep an eye on your permissions. for general breach monitoring, free tools like Lunar (https://lunarcyber.com/) can help too. #Privacy #DataLeak

MACC joins global crackdown on LeakBase hacker forum, servers hosted in KL seized - SoyaCincau MACC assists global law enforcement to dismantle LeakBase hacker forum that's hosted in Malaysia. Leakbase was used as a platform to buy and sell stolen data.

MACC joins global crackdown on LeakBase hacker forum, servers hosted in KL seized #databaseleak #databreach #dataleak #digitallife #hackerforum #leakbase #macc #news #usdoj


People are trashing Brave Browser for glitches and a data leak. But Google has had leaks too. One mistake and it’s suddenly evil. It’s a new idea in a crowded market. I still believe in the product. Zap⚡
#tech #brave #crypto #dataleak #browser

Cybercrime: Authorities shut down the data leak forum LeakBase Following the seizure of the database of LeakBase, one of the world's largest cybercrime forums, authorities identified and arrested several suspects.

#Cybercrime: Authorities shut down the #DatenleakForum #LeakBase #EU #EuroPol #Dataleak
heise.de/-11199616


YggTorrent is finished. 📉

The end of YggTorrent: a hacker destroys the site and reveals its admins' mafia-like practices

🔗 Read my article on the subject
- www.it-connect.fr/fin-de-yggto...

#warez #infosec #dataleak

YggTorrent shuts down for good after a massive hack YggTorrent shuts down for good after a major hack. A hacker claims to have infiltrated the infrastructure and exfiltrated 19 GB of data.

🏴‍☠️ YggTorrent shuts down for good after a massive hack

👉 www.justgeek.fr/yggtorrent-f...

#YggTorrent #Ygg #Torrent #Piratage #DataLeak

Confidential Information

#Chatgpt #Ai #security #Dataleak #Badpractices

programmerhumor.io/ai-memes/confidential-in...

South Korea’s tax office apologizes for password leak : Went from triumph at having busted tax dodgers to embarrassment at losing the proceeds

South Korea’s tax office apologizes for leaking seed phrase to seized #crypto
www.theregister.com/2026/03/02/s...

Triumph at busting tax dodgers turns to embarrassment at losing the proceeds.
#CyberCrime #CryptoCrime #Cryptocurrency #DataLeak

A simcard on a fishing hook.

Security (b)log: Telco hacked

The data theft at Dutch telco Odido is big news. What went wrong?

#telco #security #dataleak #odido

securityblogpatrick-english.blogspot.com

Original post on petapixel.com

AI Image App Leaks 1.5 Million User-Generated Photos An Android app that promised AI-powered photo and video makeovers instead left a large volume of user content publicly exposed, according to res...

#News #Technology #aiapp #aiphotoapp #android #dataleak […]


Akira Ransomware Negotiation

#Akira #Ransomware #Security #DarkWeb #Infosec #CyberSecurity #DataBreach #Dataleak #Privacy #Infostealer #Malware #FBI #CISA #OSINT


PayPal Reveals Extended Data Leak
Read More: buff.ly/8CUu17H

#PayPal #DataLeak #FinTechSecurity #CustomerData #PIIExposure #BreachDisclosure #CyberIncident #InfosecNews

Cornwall council mishandles complaints in data breach case : Confidential complainant details passed to local politician following debate

UK council faces #databreach claim after mishandling trans complaints
www.theregister.com/2026/02/22/c...

Personal details of individuals behind a series of complaints revealed to UK councillor.
#CyberSecurity #InfoSec #DataProtection #DataLeak #Cornwall

PayPal app code error leaked personal info : About 100 customers affected

#PayPal app code error leaked personal info and a 'few' unauthorized transactions
www.theregister.com/2026/02/20/p...

Says ~100 customers affected.
#CyberSecurity #InfoSec #DataProtection #DataLeak

An OpenClaw Agent Published a Firm's Internal Threat Intelligence to the Open Web. It Was Doing Exactly What It Was Told. An OpenClaw agent with access to a cybersecurity firm's internal CTI platform published confidential analysis on ClawdINT.com. The agent worked perfectly - the permissions didn't.

An OpenClaw Agent Published a Firm's Internal Threat Intelligence to the Open Web. It Was Doing Exactly What It Was Told.

awesomeagents.ai/news/openclaw-agent-leak...

#Openclaw #AiAgents #DataLeak

Critical better-auth Flaw Enables API Key Account Takeover

A flaw in the better-auth authentication library could let attackers take over user accounts without logging in. The issue affects the API keys plugin and allows unauthenticated actors to generate privileged API keys for any user by abusing weak authorization logic. Researchers warn that successful exploitation grants full authenticated access as the targeted account, potentially exposing sensitive data or enabling broader application compromise, depending on the user’s privileges.

The better-auth library records around 300,000 weekly downloads on npm, making the issue significant for applications that rely on API keys for automation and service-to-service communication. Unlike interactive logins, API keys often bypass multi-factor authentication and can remain valid for long periods. If misused, a single key can enable scripted access, backend manipulation, or large-scale impersonation of privileged users.

Tracked as CVE-2025-61928, the vulnerability stems from flawed logic in the createApiKey and updateApiKey handlers. These functions decide whether authentication is required by checking for an active session and the presence of a userId in the request body. When no session exists but a userId is supplied, the system incorrectly skips authentication and builds user context directly from attacker-controlled input. This bypass avoids server-side validation meant to protect sensitive fields such as permissions and rate limits.

In practical terms, an attacker can send a single request to the API key creation endpoint with a valid userId and receive a working key tied to that account. The same weakness allows unauthorized modification of existing keys. Because exploitation requires only knowledge or guessing of user identifiers, attack complexity is low. Once obtained, the API key allows attackers to bypass MFA and operate as the victim until the key is revoked.

A patched version of better-auth has been released to fix the authorization checks. Organizations are advised to upgrade immediately, rotate potentially exposed API keys, review logs for suspicious unauthenticated requests, and tighten key governance through least-privilege permissions, expiration policies, and monitoring.

The incident highlights broader risks tied to third-party authentication libraries. Authorization flaws in widely adopted components can silently undermine security controls, reinforcing the need for continuous validation, disciplined credential management, and zero-trust approaches across modern, API-driven environments.

Critical better-auth Flaw Enables API Key Account Takeover #APIKeys #DataBreach #DataLeak
