Hi folks,

The last few issues I was surprised by the low number of reported data breaches. For a moment there I had hopes, but turns out either the criminals or the reporters (or both) were just ooo. This week shows a list that's way too long for comfort.

I hope you find it interesting, that you get motivated by the clear indication that there is work to be done, and then have a wonderful weekend :-) Cheers!

Dieter Van der Stock

Breaches and leaks

  • The French agency that oversees unemployment registration and aid was breached, exposing data belonging to 10 million people: link.
  • The South African Department of Defence was compromised, a 1.6TB file with personnel details is available online: link.
  • The University of Michigan took all its systems offline to deal with an unspecified cybersecurity incident: link.
  • PurFoods, aka Mom's Meals, a US food delivery service, disclosed a data breach affecting 1.2 million people: link.
  • Ohio History Connection, a non-profit that manages sites and museums, leaked social security numbers in a ransomware attack: link.
  • Forever 21, a clothing and accessories retailer, was breached in March and took ... forever to disclose the impact to more than half a million individuals: link.
  • LogicMonitor, a network monitoring company, was breached by ransomware: [link]
  • Leaseweb, a large cloud and hosting provider, notified customers of unusual activity in their infrastructure: link.
  • Kroll, the financial and risk advisory company, was compromised through a SIM-swapping attack on one of their employees: link.
  • Sourcegraph, the code search and navigation platform, disclosed a data breach after an engineer accidentally leaked an admin access token: link.
  • Paramount Global, the entertainment giant, was breached, impacting the PII of about 100 people: link. (
  • MoveIT has now crossed the milestone of 1000 companies impacted: link.
Dieter Van der Stock