Major Australian trade tool retailer Sydney Tools had more than 34 million online order records and over 5,000 employees' records leaked by an unprotected ClickHouse database, according to Cybernews.Information exposed by the misconfigured database included not only customers' names, home addresses, email addresses, phone numbers, and ordered items but also current and former workers' names and surnames, designated branches, compensation, and targeted sales figures, an analysis from Cybernews researchers revealed. Sydney Tools has yet to secure the leaky database despite having been informed regarding the inadvertent data exposure earlier last month, said researchers, who emphasized the potential exploitation of the company's data in highly targeted cyberattacks. "Information Sydney Tools is leaking. This can aid cybercriminals in the surprisingly common crime of tool theft, as well as more standard cybercrimes such as identity theft, phishing, or spam campaigns," researchers added.
CNBC reports that Chinese artificial intelligence startup DeepSeek was found by South Korea's Personal Information Protection Commission to have moved user data to multiple China- and U.S.-based firms without necessary consent and disclosures as part of a privacy and security investigation.
Major Connecticut-based nonprofit healthcare network Yale New Haven Health has confirmed having data from more than 5.5 million individuals compromised following a network intrusion last month, making the incident the largest health data breach so far this year, The Register reports.
DaVita, a leading U.S. dialysis service provider, was claimed to have been compromised by the Interlock ransomware gang, which alleged the theft of 1.51 TB of data from its systems two weeks ago, reports The Record, a news site by cybersecurity firm Recorded Future.
