News

What Happened in the Breach On January 31 2026 the ransomware group Incransom (also known as INC Ransom) allegedly breached systems belonging to Hawk Law Group, a personal injury law firm based in Augusta, Georgia. Threat‑intelligence monitoring site Ransomware.live listed Hawk Law Group as a victim of Incransom with an estimated attack date of January…

Romania’s national oil pipeline operator Conpet said a cyberattack hit its corporate IT infrastructure on February 3, 2026, while the Qilin ransomware group alleged it stole nearly 1TB of data and published sample files to support the claim. What Happened in the Breach Conpet disclosed that a cyber incident affected its business IT environment and…

What Happened in the Breach In early February 2026, the Everest ransomware collective published a post on its dark‑web leak site claiming to have stolen 1.4 terabytes of internal documents and client information from Iron Mountain, a U.S.‑based enterprise information‑management company.  The gang said it had exfiltrated internal files and personal documents belonging to Iron…

What Happened in the Breach A newly disclosed pair of critical vulnerabilities in Ivanti’s Endpoint Manager Mobile (EPMM) platform enabled attackers to gain unauthorised access to mobile‑device management servers used by the Netherlands’ Autoriteit Persoonsgegevens (AP) and the Council for the Judiciary (Rvdr), exposing staff contact data.  In a letter to parliament, State Secretary for…

What Happened in the Breach San Diego Eye Bank, a 501(c)(3) nonprofit that has provided corneal and ocular tissue to restore sight since 1959, discovered in February 2026 that an intruder had compromised its network. Public reporting indicated that the Pear ransomware group — which styles itself as “Pure Extraction And Ransom” (PEAR), infiltrated the…

Flickr said a vulnerability in a third-party email service provider’s system on February 5, 2026 may have allowed unauthorized access to certain Flickr user data fields, including names, email addresses, IP addresses, general location, and account activity, while passwords and payment card numbers were not affected. What Happened in the Breach Flickr told users it…

What Happened in the Breach Japan Airlines JAL disclosed that its reservation system for the Same Day Luggage Delivery Service, which allows passengers to send bags from airports to hotels, was infiltrated by a third party and may have leaked personal data of up to 28,000 customers. The unauthorized access targeted the baggage delivery system…

What Happened in the Breach Community Health Clinics Inc., doing business as Terry Reilly Health Services (TRHS) in Nampa, Idaho, disclosed February 9 2026 that a security incident at its billing vendor risked exposing the personally identifiable information of about 5,421 patients. According to TRHS, the breach did not originate on its own systems; instead,…

Senegal temporarily suspended national identity card production after a cyber incident hit the Directorate of File Automation, while a ransomware group claimed it stole up to 139TB of highly sensitive citizen data. What Happened in the Breach Senegal’s Directorate of File Automation, known as the DAF, announced an “incident” in its information system and said…

What Happened in the Breach On January 30 2026, the European Commission’s central mobile‑device management (MDM) infrastructure detected signs of a cyber‑attack. Investigators said the intrusion may have exposed some staff members’ names and mobile phone numbers but did not compromise the actual mobile devices. CERT‑EU, the cybersecurity team for EU institutions, contained the intrusion…