Data Theft
University of Pennsylvania confirms new data breach after Oracle hack
The University of Pennsylvania (Penn) has announced a new data breach after attackers stole documents containing personal information from its Oracle E-Business Suite servers in August. The private Ivy League research university was founded in 1740 and has 5,827 faculty members and 29,109 students, with an 8:1 student-to-faculty ratio. It also has an academic operating […]
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used by football clubs. After detecting the unauthorized access, FFF’s security team disabled the compromised account and reset all user passwords across the system. However, before they were detected and evicted from […]
Dartmouth College confirms data breach after Clop extortion attack
Dartmouth College has disclosed a data breach after the Clop extortion gang leaked data allegedly stolen from the school’s Oracle E-Business Suite servers on its dark web leak site. The private Ivy League research university, founded in 1769, has an endowment of $9 billion as of June 30, 2025, over 40 academic departments and programs, […]
Harvard University discloses data breach affecting alumni, donors
Harvard University disclosed over the weekend that its Alumni Affairs and Development systems were compromised in a voice phishing attack, exposing the personal information of students, alumni, donors, staff, and faculty members. The exposed data includes email addresses, telephone numbers, home and business addresses, event attendance records, donation details, and “biographical information pertaining to University […]
Salesforce investigates customer data theft via Gainsight breach
Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted that this doesn’t stem from a vulnerability in its customer relationship management (CRM) platform since all evidence points to the malicious activity being related to the app’s external connection […]
Eurofiber France warns of breach after hacker tries to sell customer data
Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and exfiltrated information. Eurofiber France SAS is the French unit of the Eurofiber Group N.V., a Dutch telecommunications service provider that operates a fiber network of 76,000 km across the Netherlands, Belgium, […]
Pennsylvania AG confirms data breach after INC Ransom attack
The office of Pennsylvania’s attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. This comes after Attorney General Dave Sunday confirmed in early September that the incident was a ransomware attack and his office refused to pay the ransom requested by the cybercriminals after they encrypted […]
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logitech International S.A. is a Swiss multinational electronics company that sells hardware and software solutions, including computer peripherals, gaming, video collaboration, music, and smart home […]
Checkout.com snubs hackers after data breach, to donate ransom instead
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. The company says that although the stolen data affects a significant portion of its merchant base, it will not pay a ransom and will instead invest […]
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. The news organization is one of the largest daily newspapers in the U.S. with approximately 2.5 million digital subscribers. Between July 10 and August 22, threat actors accessed parts of […]