Major breaches/ransomware
Key Questions
What major breach involved Canvas LMS and student data?
ShinyHunters breached Canvas, impacting 275M students and 9k schools with data reportedly returned. They also targeted Infinite Campus (137k accounts) and Kodak (2.2M records).
Which ransomware groups are actively targeting critical infrastructure?
Qilin is hitting maritime shipping, while 'The Gentlemen' claims an attack on an Australian sugar producer. Lockbit 5.0 hit Elmwood Home Care and Akira affected Kentucky Bariatric Institute.
What is the scale of the 24 billion record credential leak?
A massive compilation of 24 billion records including plaintext passwords was found exposed in Elasticsearch. It aggregates data from multiple prior breaches across various services.
Has the UK MoD confirmed deaths from the Afghan data breach?
Yes, the breach led to 49 confirmed deaths with data exposed. Additional incidents include TD Bank exposing names and SSNs.
What fines or penalties resulted from recent data leaks?
Coupang was fined $408M for leaking 37.5M user records. Other exposures include Wise (4.9M records) and Sberbank (60M records).
Are ransomware incidents increasing in 2026?
Yes, IBM X-Force reports a 49% surge with 8,159 victims. WebLogic RCE vulnerabilities added to CISA KEV are being exploited by ransomware groups.
What claims has FulcrumSec made regarding Novo Nordisk?
The group claims a 1TB+ breach with 1.3TB of data now being leaked. Verification of the incident is ongoing.
Which other notable organizations reported breaches?
Lapsus$ claims an IKEA breach (180GB), Plaza Home Mortgage exposed SSNs, and UWA student records were exposed. Iran-linked claims on California water systems are under verification.
Canvas breach by ShinyHunters – 275M students, 9k schools; data reportedly returned. UK MoD Afghan data breach – 49 deaths confirmed. DOGE group breached Social Security database. Qilin ransomware targets maritime shipping. ShinyHunters exploits Oracle PeopleSoft zero-day (CVE-2026-35273) – 100+ organizations breached. Veeam backup server RCE – patch urgently. Exactis, Panera, ServiceNow, Discord breaches. Coupang fined $408M for 37.5M user data leak. 4.9M Wise user records allegedly leaked; UK Biobank data still exposed; Sberbank 60M records; Homers.fr breach; UWA student records exposed. Hackers claim Dynatrace source code theft. Elmwood Home Care ransomware (Lockbit 5.0). Odido data leak. China-linked UNC6508 campaign infiltrated US/Canada medical research networks. Iran-linked Handala group claims breach of California water systems – new claim, under verification. FulcrumSec claims breach of Novo Nordisk – 1TB+ stolen; data now being leaked (1.3TB released). Infinite Campus breach by ShinyHunters – 137k school staff accounts. Kentucky Bariatric Institute patient data exposed in Akira ransomware. Colossal 24 billion record credential compilation discovered in open Elasticsearch – includes plaintext passwords. Enforce MFA. WebLogic RCE (patch bypass) added to CISA KEV – actively exploited by ransomware groups. TD Bank data breach confirmed – names and SSNs exposed. Lapsus$ claims IKEA breach (180GB data) – under investigation. Ransomware surged 49% in 2026 with 8,159 victims (IBM X-Force). Kodak data breach by ShinyHunters – 2.2M records exposed. Plaza Home Mortgage data breach – employee computer compromise exposed SSNs and loan data. New: Global ransomware group 'The Gentlemen' claims attack on Australian sugar producer – expanding critical infrastructure targeting.