SOUTHFIELD, MI - A newly surfaced dark-web listing claims that 700Credit, a provider of credit-reporting and identity-verification services for auto dealers, suffered a substantial data breach in late October 2025 - potentially exposing more than eight million customer records. What the Listing Claims According to the listing, the compromised database includes highly sensitive consumer information commonly handled by credit-reporting services - full names, Social … [Read more...]
Microsoft Warns Advertisers of New OAuth Consent Phishing Threat Targeting Users
REDMOND, WA - Microsoft has issued a new security alert to users of its Microsoft Advertising platform, warning of a wave of OAuth consent phishing attacks - a sophisticated form of credential theft designed to look completely legitimate. In its notice, Microsoft explained that malicious actors are sending out fake login or permission prompts that appear identical to the company’s official consent screens. Once a user clicks “Accept”, the attacker gains access to sensitive … [Read more...]
October: National Cybersecurity Awareness Month: Is Your Business Truly Protected?
WEST PALM BEACH, FL - Every October, businesses across the country are reminded of a simple but critical truth: cybersecurity is no longer optional. As cybercriminals refine their tactics, small and medium-sized businesses have increasingly become their top targets. Phishing emails, ransomware, and malware aren’t just problems for Fortune 500 companies - they’re threats to any business with valuable data and daily digital operations. This year’s National Cybersecurity … [Read more...]
Massive “Combo List 93M” Surfaces on Dark Web, Exposing Millions of Emails
WEST PALM BEACH, FL - A newly circulated credential database called Combo List 93M has emerged on underground forums, raising concerns for millions of email account holders. The massive compilation - reportedly containing over 93 million records - is being distributed within cybercriminal communities for use in credential-stuffing and phishing campaigns. What Is Combo List 93M? Unlike a traditional “data breach” tied to a single company, Combo List 93M appears to be an … [Read more...]
TransUnion Data Breach Exposes Personal Information of 4.4 Million Consumers
WEST PALM BEACH, FL - TransUnion, one of the nation’s three major credit reporting agencies, has confirmed a data breach that exposed sensitive personal information of more than 4.4 million U.S. consumers. The incident was discovered on July 30, 2025, just two days after hackers gained access to a third-party application used by TransUnion’s U.S. consumer support operations. While the company stressed that its core credit databases and credit reports were not compromised, … [Read more...]
Hackers Claim PayPal Credential Dump Exposes 15.8 Million Accounts
SAN JOSE, CA - A massive set of PayPal login credentials has surfaced for sale on a dark web marketplace, with hackers alleging it contains information on nearly 15.8 million accounts worldwide. The dataset reportedly includes email addresses, plaintext passwords, and associated PayPal login URLs - a combination that, if authentic, could enable criminals to commit widespread identity theft and financial fraud. Hackers’ Claims The seller is advertising the database, … [Read more...]
Aflac Hit by Sophisticated Cyberattack: What Victims, Businesses Need to Know
COLUMBUS, GA - Aflac Incorporated, a leading supplemental insurance provider, disclosed that its U.S. systems suffered a cyberattack on June 12, 2025, potentially exposing sensitive customer data. The breach was quickly contained, but it may have compromised claims information, health records, Social Security numbers, and other personal identifiers. What We Know So Far Potential Data Exposure Aflac’s Response Broader Industry Implications What Affected … [Read more...]
Record-Breaking Data Leak Exposes 16 Billion Credentials Including Session Tokens
WEST PALM BEACH, FL - A massive trove of approximately 16 billion username-password combinations—along with session tokens and cookies - has surfaced on unsecured servers, cybersecurity researchers confirmed. The cache appears to be an aggregate of around 30 previously known data sets, sourced from malware-based credential thefts and older breaches, rather than a fresh, single-source attack. Security analysts emphasize the sheer volume of data makes it impossible to … [Read more...]
Records From 2024 AT&T Data Breach Are Once Again For Sale On The Dark Web
PALM BEACH, FL - A massive trove of nearly 90 million AT&T customer records, including Social Security numbers and other sensitive information, has resurfaced for sale on the dark web, reigniting concerns over personal data security. The data were first posted to a Russian-language cybercrime forum on May 15 and reappeared on June 3, with cybersecurity researchers confirming these are decrypted records - mostly repackaged from previous breaches. AT&T indicates … [Read more...]
Massive Data Breach Exposes 184 Million Login Credentials from Major Tech Platforms
WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
56% Increase In Disaster Recovery Events Related To Microsoft 365 Domains
REDMOND, WA - According to new data released by IT services data protection and security company N-able, 2024 so far has seen a huge uptick in hacking and cyberattacks targeting Microsoft 365 domains, with a 56 percent increase in the number of disaster recovery events among the service’s clients and a large uptick in the number of backups among its partners. Critical Start’s Cyber Research Unit (CRU) issued a report that states the number of cyber alerts in the first … [Read more...]
Google to Phase Out Call & Chat Reporting on Google My Business Profiles
WEST PALM BEACH, FL - In a recent announcement Google revealed that it will discontinue the call and chat history features in Google Business Profiles by July 31, 2024. This move appears to be part of a broader effort to streamline Google's services and shift its focus elsewhere. While these changes will affect how businesses interact with their leads, it also presents an opportunity to enhance marketing efforts with proper planning and the right tools. What’s Changing in … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]