Data breaches, leaks, incidents
Breaches
A threat actor is claiming to have leaked personal data belonging to 36 million Venezuelan citizens, potentially encompassing the entire population of the country, according to a posting on a dark web forum observed by Zero Day Wire. The forum post, published on January 27, 2026, advertises a database containing
Breaches
Chinese state-sponsored hackers compromised mobile phones of senior Downing Street officials for several years, exposing private communications of some of the closest aides to three British prime ministers, according to a report by The Telegraph. The espionage operation, attributed to the Beijing-linked threat group Salt Typhoon, targeted phones of senior
Breaches
The Clop ransomware group has posted 43 new victims to its dark web leak site within a 24-hour period, targeting organizations across the United States, Canada, United Kingdom, Europe, and New Zealand. The wave of listings includes major brands such as Hilton Hotels and The Weather Company, parent of Weather.
Breaches
A server-side vulnerability in Instagram allowed unauthenticated attackers to access private photos and captions without logging in or having a follower relationship, according to security researcher Jatin Banga who published a full disclosure this week after a 102-day interaction with Meta's bug bounty program. Meta silently patched the
Breaches
A threat actor is allegedly selling live access to FedEx's internal database through an insider, according to a post on a cybercrime forum. The seller claims the access enables searching shipments by sender, viewing recipient and shipper details, sorting deliveries by location and package attributes, and the ongoing
Breaches
Two Venezuelan nationals have been convicted for their roles in an ATM jackpotting scheme that used Ploutus malware to empty cash machines across the southeastern United States. Luz Granados, 34, and Johan Gonzalez-Jimenez, 40, pleaded guilty to conspiracy and computer crimes for targeting older ATM models in South Carolina, Georgia,
Breaches
UPDATE 27/01/2026 Nike has confirmed that it is investigating a potential cybersecurity incident after claims surfaced online that its internal data may have leaked by a cybercrime group. The same group, known for extortion-driven attacks against other companies, previously claimed the Nike cyberattack on its dark web site.
Breaches
A threat actor is allegedly selling a database containing 26.7 million user records from Affirm, the popular buy-now-pay-later financial services platform operating in the United States and Canada. The listing appeared on the Exploit cybercrime forum on January 23, 2026, posted by a threat actor using the handle "
Breaches
The Nova ransomware group has claimed responsibility for an attack against KPMG, one of the Big Four professional services firms, threatening to release 500GB of stolen data if ransom demands are not met. The listing appeared on Nova's dark web leak site on January 23, 2026, with a
Breaches
The Canadian Investment Regulatory Organization (CIRO) has confirmed that approximately 750,000 investors were impacted by a data breach following a phishing attack detected in August 2025. CIRO, which oversees all investment and mutual fund dealers in Canada alongside trading activity on the country's debt and equity markets,
Breaches
Security researchers at Sansec have discovered an active keylogger on the employee store of one of America's largest banks, potentially exposing credentials and payment data for over 200,000 staff members. The attack was detected on January 14, 2026, and remained active until January 15 when the malware
Breaches
A threat actor using the alias "datsell_alld" claims to be selling a database containing approximately 3.1 million records of Armenian citizens on a dark web forum. With Armenia's population estimated at just over 3 million, the claimed size suggests this could represent a near-complete