Safeguard
Topic

Data Breach

In-depth guides and analysis on data breach from the Safeguard engineering team.

11 articles

Data Breach

Carnival Data Breach (May 2026): 5.99M Records Lost via Salesforce Social Engineering

Carnival confirmed a breach affecting nearly 6 million people on May 28, 2026, after an attacker socially engineered an employee into granting access to its IT environment. Here is the verified chain and what defenders should do.

May 28, 202611 min read
Data Breach

Instructure Canvas Breach (May 2026): Up to 275M Records and a Quiet Settlement

ShinyHunters claimed 3.65 TB and 275 million records from Instructure's Canvas LMS across ~9,000 schools. Instructure confirmed names, emails, student IDs, and user messages were taken, then reportedly paid to make it stop.

May 12, 202610 min read
Data Breach

Odido Telecom Breach: 6.2M Dutch Customers, Salesforce, and No Compensation (May 2026)

Odido, the Netherlands' largest mobile operator, exposed 6.2 million customers' data, including IBANs and ID details, via a vishing-driven Salesforce intrusion. In May 2026 the company ruled out compensation as mass claims mounted.

May 12, 202610 min read
Data Breach

Škoda Auto Online Shop Breach (12 May 2026): An E-Commerce Software Flaw and the Credential-Reuse Tail

Škoda Auto disclosed on 12 May 2026 that attackers exploited a vulnerability in its German online shop to steal customer names, contact details, order data, and login credentials. The card data was safe; the credentials are the part that keeps paying out.

May 12, 202614 min read
Data Breach

Plex Data Breach: 20 Million Users Forced to Reset Passwords

A breach of Plex's systems exposed usernames, emails, and hashed passwords for approximately 20 million users, forcing the streaming platform to trigger a mass password reset.

Aug 24, 20225 min read
Data Breach

Twitter Data Breach: 5.4 Million Accounts Exposed Through an API Vulnerability

An API vulnerability in Twitter allowed attackers to link phone numbers and email addresses to Twitter accounts, ultimately exposing data from 5.4 million users — and possibly over 200 million email-account pairs.

Jul 22, 20225 min read
Data Breach

Red Cross Data Breach: Attackers Targeted the World's Most Vulnerable People

A sophisticated cyberattack on the International Committee of the Red Cross compromised personal data of over 515,000 highly vulnerable people, including victims of conflict, missing persons, and detained individuals.

Jan 20, 20226 min read
Data Breach

Panasonic Data Breach: Four Months of Undetected Network Access

Panasonic disclosed a data breach in November 2021, revealing that attackers had maintained access to its network for over four months before detection — highlighting the persistent challenge of dwell time.

Nov 26, 20215 min read
Data Breach

Robinhood Data Breach: Social Engineering Strikes the Trading Platform

A social engineering attack on a Robinhood customer support employee exposed personal data of approximately 7 million users, revealing the persistent vulnerability of human-facing systems.

Nov 10, 20215 min read
Data Breach

LinkedIn Data Scraping: 700 Million User Records Sold on the Dark Web

A threat actor scraped data from 700 million LinkedIn users — 93% of the platform's user base — and put it up for sale, reigniting the debate over API abuse and data privacy.

Jul 20, 20215 min read
Data Breach

Facebook Data Leak: 533 Million Users Exposed Through a Contact Import Feature

Personal data from 533 million Facebook users across 106 countries was posted on a hacking forum, exposing phone numbers, emails, and personal details scraped through a contact import vulnerability.

Jul 2, 20215 min read
Data Breach — Supply Chain Security Blog | Safeguard