Act-of-War Clauses Cloud Cyber Insurance Coverage
Geopolitical tensions are prompting insurers to insert act‑of‑war exclusions into cyber policies, a provision traditionally used in homeowners and travel insurance. The language lags behind the rapid evolution of cyberwarfare, leaving companies uncertain whether state‑sponsored attacks are covered. Lawyers and brokers warn that many firms only discover these gaps when a real attack triggers a claim. The Wall Street Journal highlights the growing ambiguity as cyber threats increasingly resemble conventional warfare.
Who Really Runs Your VPN — and What that May Mean for Your Privacy
A new analysis of 50 VPN providers reveals that the majority rely on a handful of UK hosting firms—M247, Datacamp and CDN77—and rent space in data‑center buildings owned by US giants Equinix and Digital Realty. The study shows 73% of...
Russians Hijacking Routers for Cyber Spying
The Russian GRU’s 85th Main Special Service Center has been hijacking vulnerable home routers, notably TP‑Link devices, since at least 2024 by exploiting CVE‑2023‑50224. The actors reconfigure DHCP/DNS settings to route traffic through their own resolvers, enabling man‑in‑the‑middle attacks that capture...
A String of Radio Hijacks Exposes a Deeper Broadcast Weakness
A series of radio broadcast hijacks, including the recent intrusion at Michigan's 107.7 The Bay, reveal a growing vulnerability in studio‑to‑transmitter links. The FCC’s November notice confirmed that attackers are repeatedly compromising unsecured Barix audio equipment to replace legitimate programming...
NL: Dutch Healthcare Software Vendor Goes Dark After Ransomware Attack
ChipSoft, the leading Dutch provider of hospital patient‑record software, was hit by a ransomware attack that took its website offline on April 7. The breach affects roughly 80 percent of the Netherlands’ hospitals, potentially disrupting access to electronic health records. Officials have...
HK: Man Arrested over Stolen Patient Personal Data
Hong Kong police have arrested a contractor employee accused of stealing personal data belonging to more than 56,000 patients in the Kowloon East Hospital Authority cluster. The breach involved unauthorized extraction of names, IDs, and medical details, which were later...
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
Iran‑affiliated advanced persistent threat actors are exploiting internet‑facing programmable logic controllers (PLCs) from Rockwell Automation/Allen‑Bradley across multiple U.S. critical infrastructure sectors. The attacks manipulate project files and alter data on HMI and SCADA displays, causing operational disruptions and financial losses....
1 Billion Microsoft Users Warned As Angry Hacker Drops 0-Day Exploit
A security researcher released the BlueHammer zero‑day exploit targeting Windows, affecting roughly one billion Microsoft users worldwide. The exploit enables privilege escalation at the kernel level and, unlike typical disclosures, no patch exists yet. Microsoft has acknowledged the threat and is...

Jones Day Confirms Limited Breach After Phishing Attack by Silent Ransom Group
Jones Day, one of the nation’s top law firms, confirmed a limited data breach after the Silent Ransom Group (SRG) posted files for ten clients on a dark‑web leak site. The attackers demanded roughly $13 million to delete the stolen data...
Maine House Advances McCabe Bill to Strengthen Cybersecurity at Maine Hospitals
The Maine House unanimously advanced Rep. Julie McCabe’s LD 2103, mandating hospitals adopt cybersecurity plans aligned with DHS and CISA best practices. The bill requires prompt law‑enforcement notification, backup communication systems, and annual staff training. It responds to spring cyber‑attacks that...
Microsoft Links Medusa Ransomware Affiliate to Zero-Day Attacks
Microsoft has identified Storm-1175, a China‑based financially motivated cybercrime group, as an affiliate of the Medusa ransomware operation. The gang is now leveraging both known (n‑day) and previously undisclosed (zero‑day) vulnerabilities in rapid, high‑velocity attacks. Microsoft’s intelligence shows Storm-1175 can...

Two Breaches, One Quarter: Valley Family Health Care’s Challenging Start to 2026
Valley Family Health Care (VFHC) disclosed a TriZetto Provider Solutions breach on Jan. 12 that exposed the personal and health‑insurance data of 4,300 patients. In March, the cyber‑crime group Insomnia listed VFHC on a dark‑web leak, claiming more than one million...
NYS School Data Incidents Rose 72% in 2025, with 44 Reported on Long Island
State education officials reported a sharp rise in compromised student data across New York schools in 2025, with incidents climbing 72% from 384 in 2024 to 662 this year. The surge was highlighted in an annual report from the Department...
Two Data Security Incidents Affected Immigration Law Firms and Their Clients
Immigration case‑management platform DocketWise disclosed a data breach that exposed personal information of 116,666 individuals, including Social Security numbers, passports, medical records, and payment details. The breach stemmed from compromised credentials to a third‑party partner, allowing attackers to clone repositories...
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
German authorities have unmasked the hacker known as “UNKN,” identifying him as 31‑year‑old Russian Daniil Maksimovich Shchukin. Shchukin led the notorious ransomware groups REvil and GandCrab, orchestrating at least 130 sabotage and extortion attacks in Germany between 2019 and 2021....
Researchers Didn’t Want to Glamorize Cybercrims. So They Roasted Them.
Security researchers at Trellix have launched the Dark Web Roast, a campaign that publicly mocks notorious cybercrime groups. The effort responds to calls from former CISA chief Jen Easterly and other industry leaders to stop glorifying threat actors with heroic...
The Breach Lasted 25 Minutes. How Long Will the Litigation Last?
On February 17, 2026, Auger & Auger suffered a 25‑minute unauthorized intrusion that exposed personal data of 5,102 individuals, including Social Security numbers and medical information. The firm notified affected parties on March 30 and provided a year of complimentary identity‑protection services. Within...
Hong Kong Hospital Authority Apologises for Data Breach Involving 56,000 Patients
Hong Kong’s Hospital Authority announced a data breach that exposed the personal and medical records of more than 56,000 patients from hospitals in Kowloon East. The unauthorized retrieval included names, identification numbers, contact details and health information. Hong Kong’s privacy...
Claude Code Leak Used to Push Infostealer Malware on GitHub
Threat actors are leveraging the recent Claude Code source‑code leak to create counterfeit GitHub repositories that distribute the Vidar information‑stealing malware. Claude Code, Anthropic’s terminal‑based AI coding agent, was exposed in a public dump, giving attackers a ready‑made framework to...
UK: School IT System Targeted in Cyber Attack Ahead of Exam Season
The Education Authority (EA) in Northern Ireland confirmed that its centralized school IT platform was hit by a cyber attack just days before the exam period. The breach prompted an emergency password reset for every user across the network. Authorities...
Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk
Meta has indefinitely paused all collaborations with data‑contracting firm Mercor while investigating a significant security breach at the startup. The breach, which exposed proprietary training datasets, has prompted other leading AI labs—including OpenAI and Anthropic—to reevaluate their relationships with Mercor....
Questions Raised After Cherry Creek Students Notified of Data Breach, Lawsuit
The Cherry Creek School District confirmed that a recent email to families about a class‑action settlement for a Naviance data breach was legitimate, but the district itself was not affected. The settlement covers roughly 10 million students nationwide who used Naviance...

BakerHostetler’s 2026 Report: Findings From 1,250 Clients’ Breach Experiences in 2025
BakerHostetler’s 2026 Data Security Incident Response Report examined 1,250 breach clients from 2025. Network intrusions (47%) and email compromise (32%) dominated, while ransomware payments rose 36% to an average $682,702 after initial demands jumped 70% to $4.2 million. Class‑action lawsuits increased...
Nacogdoches Memorial Hospital Notifies 257,073 After January Data Breach
Nacogdoches Memorial Hospital in Texas disclosed a cyberattack that compromised personal data of over 257,000 individuals. The breach was detected on Jan. 31, after an intrusion that began Jan. 15, 2026. Exposed information includes names, addresses, phone numbers, email, Social Security numbers, dates...
Apex Recovers Stolen Personal Data After About 22K Impacted in Cyberattack: Town
In July 2024, an attempted ransomware attack stole personal data of roughly 22,000 Apex, North Carolina residents. The data was hosted on U.S.-based service Bublup, which refused release until a Wake County Superior Court temporary restraining order in October 2024...
Estonian Hospital Sends Patient Home with Other Peoples’ Health Data
West Tallinn Central Hospital gave a patient a USB drive that, instead of containing only their X‑ray images, also held the personal health records of several other patients. The hospital claims the drive was newly purchased from its own shop,...
Did You Sign up for the New White House App? Don’t Use It Until You Read This!
The White House launched a mobile app on March 28, 2026, branded “Unparalleled access to the Trump Administration.” Security researcher Thereallo decompiled the APK and uncovered multiple privacy and data‑security violations that breach federal cybersecurity standards. Patrick Quirk highlighted the...
CareCloud Notifies the SEC After Attack on One of Its EHR Environments
CareCloud disclosed to the SEC that an unauthorized third party accessed one of its six electronic health record (EHR) environments on March 16, causing an eight‑hour disruption that was fully restored the same evening. The company promptly notified its cyber‑insurance carrier,...
Thankfully, the Infinite Campus Incident Did Not Involve a Lot of Non-Directory Student Information
DataBreaches downloaded the Infinite Campus leak posted by ShinyHunters and examined its contents. The majority of files were proprietary or client‑related and did not contain personal student information. Approximately two dozen support tickets referenced students by name, with two tickets...

Woodfords Family Services Notifying Patients and Families About 2024 Ransomware Attack
Woodfords Family Services, a Maine provider for people with disabilities, disclosed a ransomware breach that first occurred on April 8, 2024, but for some victims public notification came only on March 27, 2026. The organization previously reported a 2023 incident...
Thousands of Corewell Health Patients Affected by Security Breach
Corewell Health disclosed that its former consulting partner, Pinnacle Holdings, suffered a data breach in 2024, potentially compromising the personal information of thousands of patients. The health system promptly initiated an internal review to determine the scope of exposure and...
Ransomware Attack Totally Cripples Jackson County Sheriff’s Office in Indiana
A ransomware attack crippled the Jackson County Sheriff’s Office IT infrastructure last week. The breach likely began with a phishing email that delivered malicious code, which lay dormant before encrypting files and spreading laterally. The resulting total network outage forced...

Infinite Campus Security Incident Awareness: No Impact to Student Data According to Infinite Campus
Infinite Campus disclosed that a ShinyHunters actor accessed an employee's Salesforce account, exposing only staff directory information and not any student or employee databases. The breach was detected quickly, the compromised account was disabled, and services lacking IP restrictions were...

If Threat Actors Gave You a Chance to Redact the Patient Data They Hacked Before They Leak It, Would You...
Woundtech, a Florida‑based mobile wound‑care provider, suffered a breach in early December 2025 when attackers accessed its AWS environment and exfiltrated 335 GB of data from a 6.7 TB S3 bucket. The leak includes over 928,000 patient IDs, 86,000 fully identified records,...
Weill Cornell Medicine Discloses an Insider Data Breach
Weill Cornell Medicine reported a breach affecting 516 patients after a former employee accessed electronic medical records without authorization. The employee only viewed contact details and visit reasons, with no clinical or financial data disclosed. The hospital notified the patients...
Strengthening Cybersecurity in Canada’s Municipal Sector: A Verified Analysis
The City of Hamilton’s February 2024 ransomware attack crippled 80% of its network and forced the municipality to spend roughly C$18.3 million on response, recovery and upgrades. A demanded ransom of C$18.5 million was refused, and a subsequent C$5 million cyber‑insurance claim was denied...
Jaguar Land Rover’s Cyber Bailout Sets Worrying Precedent, Watchdog Warns
The UK government has pledged a £1.5 billion loan guarantee to rescue Jaguar Land Rover after a crippling cyber‑attack. The Cyber Monitoring Centre’s technical chair warned that the ad‑hoc assistance could set a dangerous precedent for future cyber crises. He argued that without...
Global Cybercrime Crackdown: Over 373,000 Dark Web Sites Shut Down
Operation Alice, a March 2026 Europol‑led initiative, dismantled the largest known network of fraudulent dark‑web platforms, shutting down over 373,000 sites that hosted child sexual abuse material and cyber‑crime‑as‑a‑service tools. German authorities identified the platform’s operator and, together with 22...
University College of Dublin Staff Member Due in Court over Accessing Student Data
A University College Dublin employee in his 50s has been arrested and charged for unlawfully accessing student records, appearing in court today. The investigation, led by Ireland's Garda Síochána, uncovered unauthorized database queries that exposed personal information of dozens of...
Justice Department Disrupts Iranian Cyber Enabled Psychological Operations
The U.S. Justice Department seized four domains used by Iran’s Ministry of Intelligence and Security for cyber‑enabled psychological operations and transnational repression. The sites—Justicehomeland.org, Handala‑Hack.to, Karmabelow80.org, and Handala‑Redwanted.to—were employed to claim hack credit, publish stolen data, and issue death threats...
UMMC Continues Investigating Cyberattack and Recovering From Impact
University of Mississippi Medical Center (UMMC) shut dozens of clinics for nine days after a ransomware attack crippled its Epic EMR system. The Medusa ransomware gang later posted the breach on its leak site, claiming to have stolen more than...
Russian Hackers Exploit Zimbra Flaw in Ukrainian Govt Attacks
Russian state‑backed APT28 leveraged the high‑severity Zimbra Collaboration Suite flaw CVE‑2025‑66376, a stored XSS that enables unauthenticated remote code execution, to target Ukrainian government entities. The vulnerability was patched in early November, yet attackers continue to exploit unpatched installations. The...
45,000 Malicious IP Addresses Taken Down in International Cyber Operation
An INTERPOL‑coordinated effort, Operation Synergia III, dismantled more than 45,000 malicious IP addresses and servers between July 2025 and January 2026. Law enforcement from 72 countries arrested 94 suspects and seized 212 devices, while investigations continue against another 110 individuals. The operation uncovered extensive...
The Broken Records: Tracing the Human Cost of the 2022 British MoD Leak
In February 2022 the UK Ministry of Defence inadvertently released personal data on roughly 18,700 Afghan nationals who had supported British forces and were seeking protection. The breach remained undisclosed for almost two years, and a High Court super‑injunction in September 2023...
Telus Digital Confirms Breach After ShinyHunters Claims 1 Petabyte Data Theft
Canadian BPO provider Telus Digital has confirmed a security incident after the hacker group ShinyHunters alleged stealing nearly one petabyte of data in a breach that spanned several months. The claim, made public in early March 2026, follows a prolonged...
China’s CERT Warns OpenClaw Can Inflict Nasty Wounds
China’s National Computer Network Emergency Response Technical Team (CERT) issued a warning that the OpenClaw agentic AI tool suffers from extremely weak default security configurations. The agency posted on WeChat that the tool can be easily exploited, urging users to...
Lotte Card Fined 9.6 Billion Won for Leaking Users’ Social Registration Numbers
South Korea’s Personal Information Protection Commission fined Lotte Card 9.62 billion won after a hacking attack exposed the resident registration numbers of about 450,000 customers. The breach stemmed from unauthorized access to log files in the card’s online simple‑payment system, affecting data...
Police Scotland Fined £66k for Extracting and Sharing Mobile Phone Data
The Information Commissioner’s Office fined Police Scotland £66,000 after it extracted the entire contents of a suspect’s mobile phone following a crime report and shared the unredacted data with an unauthorised third party. The ICO found the force failed to...
Viral ‘Quittr’ Porn Addiction App Exposed the Masturbation Habits of Hundreds of Thousands of Users
Quittr, a self‑help app marketed to men seeking to curb pornography use, suffered a massive data breach that exposed intimate details, including masturbation frequencies, of hundreds of thousands of users. The company had previously assured users of robust security, yet...
New Report Finds One in Two U.S. School Districts Experienced a Cybersecurity Incident in 2025
Clever released its Cybersecure 2026 Report, surveying nearly 500 U.S. K‑12 administrators and technology professionals. The study found that one in two school districts experienced a cybersecurity incident in 2025. More than 77% of districts rely on Clever’s identity platform...