DevaOnBreaches

@[email protected]
1.5K Followers
5K Following
1.7K Posts
Sharing insights on data breach investigations, information security, & password best practices • @XposedOrNot
Websitehttps://XposedOrNot.com
Bloghttps://blog.xposedornot.com/
GitHubhttps://github.com/DevaOnBreaches
Websitehttps://plus.xposedornot.com/
DevaOnBreaches2d ago
XposedOrNot2d ago

@XposedOrNot += KomikoAI Data Breach

The KomikoAI #databreach occurred in February 2026 when the AI-powered comic generation platform was compromised, exposing 1M unique email addresses along with associated user content.

Exposed data: Email addresses, Names, User posts, AI prompts

Potential risks: Phishing, Targeted scams, and privacy breaches

DevaOnBreaches2d ago

Basic-Fit, Europe’s largest gym chain, says hackers accessed data of ~1M members across multiple countries. Exposed info includes names, contact details, DOB, and bank data. #databreach

https://www.bleepingcomputer.com/news/security/european-gym-giant-basic-fit-data-breach-affects-1-million-members/

European Gym giant Basic-Fit data breach affects 1 million members

Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers.

BleepingComputer
DevaOnBreaches3d ago

Booking.com confirms a #databreach: hackers may have accessed some users’ booking data (names, emails, phone numbers, etc.).

The company reset PINs and notified affected users via email.

https://www.bleepingcomputer.com/news/security/new-bookingcom-data-breach-forces-reservation-pin-resets/

New Booking.com data breach forces reservation PIN resets

Booking.com has confirmed via a statement to BleepingComputer that it has detected unauthorized access to its systems that has exposed sensitive reservation and user data.

BleepingComputer
DevaOnBreaches4d ago

Here’s your weekly #databreach news roundup:

Hungarian government, Orrick Herrington & Sutcliffe, Rockstar Games, LAPD, and Eurail

https://blog.xposedornot.com/weekly-databreaches-roundup-week-15-2026/

DevaOnBreaches5d ago
XposedOrNot5d ago

@XposedOrNot += Hallmark Data Breach

The Hallmark #databreach occurred in March 2026 and involved an alleged breach and extortion incident impacting data stored in Salesforce, with 1.8M unique email addresses later published along with associated customer information.

Exposed data: Email addresses, Names, Phone numbers, Physical addresses

Potential risks: Phishing, Identity theft, Targeted scams, Privacy breaches

DevaOnBreaches5d ago

Nearly 800 Hungarian government email accounts and passwords were exposed across 12 ministries, mostly due to weak passwords and poor digital hygiene, not to advanced hacks. Sensitive roles affected.

https://www.bellingcat.com/news/2026/04/09/the-hungarian-government-passwords-exposed-online/

‘Snoopy’, ‘Adolf’ and ‘Password’: The Hungarian Government Passwords Exposed Online - bellingcat

Hundreds of Hungarian government email addresses and passwords are circulating online, revealing vulnerabilities in the security protocols of ministries involved in sensitive work.

bellingcat
DevaOnBreaches5d ago

Silent Ransom Group hacked Orrick (after its 2023 #databreach), stole sensitive data via phishing/social engineering, and leaked it after rejecting a $1M offer as too low.

https://databreaches.net/2026/04/10/silent-ransom-group-leaked-another-big-law-firm-orrick-herrington-sutcliffe/

Silent Ransom Group leaked another big law firm: Orrick, Herrington & Sutcliffe - DataBreaches.Net

Jones Day wasn't the only big law firm to recently fall prey to threat actors variously known as Silent Ransom Group, Luna Moth, Chatty Spider, or UNC3753. Data

DataBreaches.Net
DevaOnBreaches5d ago

Rockstar Games reportedly targeted by ShinyHunters, claiming access to its Snowflake data via Anodot breach. Attackers allegedly used stolen tokens (not direct exploits) to extract data and threaten leaks by April 14. #databreach

https://hackread.com/shinyhunters-rockstar-games-snowflake-breach-anodot/

ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot

ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.

Hackread - Cybersecurity News, Data Breaches, AI and More
DevaOnBreachesApr 9

Hackers linked to World Leaks allegedly leaked ~7.7TB of sensitive LAPD-related data (personnel, investigations, legal files) via a breached third-party system tied to the LA City Attorney’s Office.

https://techcrunch.com/2026/04/08/hackers-steal-and-leak-sensitive-lapd-police-documents/

Hackers steal and leak sensitive LAPD police documents | TechCrunch

The LAPD said the breach affected “a digital storage system” belonging to the city’s Attorney's Office. The World Leaks extortion gang was reported to be behind the attack.

TechCrunch
DevaOnBreachesApr 9

Eurail suffered a Dec 2025 #databreach exposing data of ~309K people (incl. passport details); stolen data is now for sale online, with a hacker claiming 1.3TB taken, impacting customers and programs like DiscoverEU, prompting security warnings and password resets.

https://therecord.media/eurail-reports-data-breach-impacting-over-300000

Passport numbers for more than 300,000 leaked during December Eurail data breach

In February, a hacker claimed the attack and said they stole 1.3 TB of data that included source code, database backups and Zendesk support tickets.