
Just got a data breach notification from Lee Valley.

Full name, address, and credit card details from a cloud server that was popped from Oct 8, 2024 to March 12, 2025.

If you bought stuff from the Lee Valley website in that time be on the lookout for a breach notification and get ready to freeze/replace your credit card.

From the notification it sounds like the attacker was able to add code to the website frontend to siphon off credit card info.

"A government whistleblower told lawmakers that DOGE's access to National Labor Relations Board (NLRB) systems went far beyond what was needed to analyze agency operations and apparently led to a data breach. NLRB employee Daniel Berulis, a DevSecOps architect, also says he received a threat when he was preparing his whistleblower disclosure.

"Mr. Berulis is coming forward today because of his concern that recent activity by members of the Department of Government Efficiency ('DOGE') have resulted in a significant cybersecurity breach that likely has and continues to expose our government to foreign intelligence and our nation's adversaries," said a letter from the group Whistleblower Aid to the Senate Select Committee on Intelligence leaders and the US Office of Special Counsel.

The letter, Berulis' sworn declaration, and an exhibit with screenshots of technical data are available here. "This declaration details DOGE activity within NLRB, the exfiltration of data from NLRB systems, and—concerningly—near real-time access by users in Russia," Whistleblower Aid Chief Legal Counsel Andrew Bakaj wrote. "Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (e.g. Usernames/Passwords). This, combined with verifiable data being systematically exfiltrated to unknown servers within the continental United States—and perhaps abroad—merits investigation."

Bakaj said they notified law enforcement about an "absolutely disturbing" threat Berulis received on April 7."

arstechnica.com/tech-policy/20

Ars Technica · Government IT whistleblower calls out DOGE, says he was threatened at home · By Jon Brodkin
#USA #Trump #DOGE

🏥 Oracle Health breach compromises patient data at US hospitals
@BleepingComputer

「 Oracle says that the threat actor used compromised customer credentials to breach the servers sometime after January 22, 2025, and copied data to a remote server. This stolen data "may" have included patient information from electronic health records 」

bleepingcomputer.com/news/secu

🫠 Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service

「 Oracle told Bleeping Computer, and customers, “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data” 」

#oracle #databreach #cybersecurity
doublepulsar.com/oracle-attemp

DoublePulsar · Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service · By Kevin Beaumont

When they say no-one is safe, here is the evidence 🙄
We are all vulnerable to phishing, even @troyhunt has been caught! If it can happen to Troy, it can happen to us all. Each and every one of us.

“…the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the mailing list for this blog. I'm deliberately keeping this post very succinct to ensure the message goes out to my impacted subscribers ASAP, then I'll update the post with more details.”

troyhunt.com/a-sneaky-phish-ju
#CyberSecurity #DataBreach #InfoSec #Phishing

Troy Hunt · A Sneaky Phish Just Grabbed my Mailchimp Mailing List · You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, and the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the mailing

Another Monday. Another edition of the Privacy Roundup featuring news items curated with end user #privacy and #security in mind.

This edition features:

- #Android Apps using #Bluetooth and Wi-Fi connection data to estimate and collect user location data
- #Apple Passwords app used insecure HTTP
- Video gamers beware: another game pulled from Steam for being #malware in disguise
- Free online converters adding malware to converted files
- Threat actors using #Reddit posts to push information stealing malware, primarily targeting #cryptocurrency traders/enthusiasts
- Data breaches at the largest US sperm bank and a large teacher union

… and more.

#privacymatters #databreach #cybersecurity #infosec #gaming

avoidthehack.com/privacy-week1

Avoid the Hack (avoidthehack!) · Privacy Roundup: Week 12 of Year 2025 · Week 12 of the Privacy Roundup includes news items covering Android apps using bluetooth and Wi-Fi to track user location, Apple Passwords using insecure HTTP, sensitive information compromised in hacks of a large teacher union and a sperm bank, threat actors using Reddit posts to push information stealing malware, and more!

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #12/2025 is out!

It includes the following and much more:

➝ @wiz to be Acquired by Alphabet and will join #Google Cloud;
➝ GitHub Action tj-actions/changed-files was compromised, risking secrets in over 23k repositories;
➝ @vulncheck has raised $12 million in a Series A #funding round;
➝ Clearview AI tried to buy millions of arrest records;
➝ Infosys to Pay $17.5 Million in Settlement Over 2023 #DataBreach;
➝ Oracle denies #breach;

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

infosec-mashup.santolaria.net/

X’s InfoSec Newsletter 🕵🏻‍♂️ · [InfoSec MASHUP] 12/2025 · Wiz to be Acquired by Alphabet and will join Google Cloud; GitHub Action tj-actions/changed-files was compromised, risking secrets in over 23k repositories; VulnCheck has raised $12 million in a Series A funding round; Clearview AI tried to buy millions of arrest records; Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach; Oracle denies breach;

#Amazon is still hosting #stalkerware victims' data weeks after breach alert
#Cocospy, #Spyic, and #Spyzie have collectively compromised over 3.1 million Android phones, which we know because the apps each had a #databreach in Feb.
As part of our investigation into stalkerware operations, which included analyzing the apps themselves, TechCrunch found that some of the contents of a device compromised by the stalkerware apps are being uploaded to storage servers run by #AWS.
techcrunch.com/2025/03/13/amaz

TechCrunch · Amazon is still hosting stalkerware victims' data weeks after breach alert · Amazon won't say if it will stop hosting data from three phone surveillance operations that spilled private data on millions of people.

Thanks to everyone in the fediverse who has favorited, boosted, and reached out to me supportively over the injunction and takedown order that I wouldn't comply with (overview: infosec.exchange/@PogoWasRight)

Special thanks to @zackwhittaker for reporting about it all on #TechCrunch:

techcrunch.com/2025/03/06/hack

Infosec Exchange · Dissent Doe :cupofcoffee: (@PogoWasRight@infosec.exchange) · Here's my post on the court injunction my site got hit with: HCRG Care's lawyers claimed an injunction issued in a "private" hearing required us to remove two posts. We didn't comply. HCRG Care was represented by the Pinsent Masons law firm in the UK in this matter. The injunction was issued by the High Court of Justice, King's Bench Division, Media and Communications List by the Honorable Mr. Justice Soole. Pinsent Mason's attempt to get my web host to remove my posts also failed. As always, I feel blessed to have the legal support of Covington and Burling's Kurt Wimmer Pro Media Freedom Initiative, which has represented my site pro bono for the last 16 years. Read about the letter, the injunction, and why the High Court's over-reaching injunction endangers UK journalists and doesn't serve the public well. https://databreaches.net/2025/03/05/hcrg-cares-lawyers-claimed-an-injunction-issued-in-a-private-hearing-required-us-to-remove-two-posts-we-didnt-comply/ Oh, and I'm not the only one ignoring the injunction. Medusa also got served with the injunction via tox chat, they tell me. And like other injunctions they have received, they are ignoring it. So what has HCRG really accomplished? #databreach #ransomware #Medusa #transparency #censorship #pressfreedom #injunction #FirstAmendment @zackwhittaker@mastodon.social @campuscodi@mastodon.social @lawrenceabrams @iainthomson@mastodon.social @amvinfe @lawfare @freedomofpress@freedom.press

Last Friday I received a letter from a U.K. law firm with an attached injunction. The law firm claimed I must remove two posts about their client.

That is not going to happen. I am not under the jurisdiction of the U.K. or the High Court of Justice. My lawyer informed them of that yesterday.

But DataBreaches.net might disappear tomorrow because the U.K. law firm sent the injunction to my domain registrar who, innocently believing them, informed me they will suspend my site if I don't remove the posts within 24 hours. I have replied to them but have not heard back.

So...

If my site is gone tomorrow, I will let you know where you can read a lot more about the injunction and how the injunction poses a serious risk of censorship in the U.K.

If my site is still online tomorrow, I will still let you know here where you can read about the over-reaching injunction obtained in a private hearing where no one represented journalists whose reporting was being censored.

#censorship #injunction #pressfreedom
#AssociatedPress #RCFP #databreach #ransomware #journalism

@freedomofpress @campuscodi @zackwhittaker @aj_vicens @carlypage @iainthomson @amvinfe @lawfare @lawrenceabrams

🇳🇿 I've had quite a few outrageous responses to my alerts; this is another one of those, sent by the teammateapp.com CEO.

After my initial alert and follow up email, I get a reply lying about the severity of the exposure and telling me to stop harassing the company.

This CEO also didn't know what Proton is and thought I work for them and threatened to report me to them in case I didn't stop. :blobshrug:

Read about it here: jltee.substack.com/p/new-zeala

The Hub of Stupi.. *misconfigs · New Zealand Company’s ‘Impossible-to-Hack’ Security Turns Out to Be No Security at All · By JayeLTee

“This is the largest #databreach in American history,” Tong said in a statement on Friday. “#Doge is an unlawfully constituted band of renegade #techbros combing through #confidentialrecords, #sensitivedata and critical payment systems. What could go wrong?”

Judge temporarily blocks #Musk’s ‘Doge’ team from accessing #treasury records | #ElonMusk | The Guardian
theguardian.com/technology/202

#USpol
#democracy
#ruleoflaw
#privacylaws
#confidentialinformation

The Guardian · Judge temporarily blocks Musk’s ‘Doge’ team from accessing treasury records · By Guardian staff reporter