Breach

Intrusions exploiting stolen Salesloft Drift OAuth tokens were claimed by the ShinyHunters hacking operation, also known as UNC6040, to have resulted in the theft of more than 1.5 billion Salesforce records from 760 organizations, according to BleepingComputer.

CyberScoop reports that organizations using SonicWall firewalls had their configuration files compromised following an attack against the company's MySonicWall.com platform.

Small mistakes can add up to big data breaches. Here's how exposure management could have prevented one of the worst data breaches of the past decade.

Almost 45,000 Texas residents who sought state natural disaster relief over the past decade were confirmed by the state General Land Office to have had their personal details compromised following a cyberattack exploiting a Texas Integrated Grant Reporting system misconfiguration over the summer, StateScoop reports.

SecurityWeek reports that U.S. payment solutions firm American First Finance had data from 689,000 individuals stolen following an insider breach at Utah-based fintech and banking services provider FinWise Bank in May 2024.

SecurityWeek reports that Ohio-based mobile tool company Cornwell Quality Tools had information from 103,782 people compromised following a December data breach, which had been claimed by the Cactus ransomware operation earlier this year.

Jaguar Land Rover, the UK's leading automaker, has disclosed the compromise of certain data amid continued efforts to restore the operations of production facilities worldwide following an attack by the Scattered Lapsus$ Hunters threat group, according to The Guardian.