Safeguard
Tag

data-breach

Safeguard articles tagged "data-breach" — guides, analysis, and best practices for software supply chain and application security.

39 articles

Breach Analysis

Nova Scotia Power Cyber Incident: When Critical Infrastructure Gets Hit

Nova Scotia Power disclosed a cyber incident in April 2025 that compromised customer data. The attack highlights the persistent vulnerability of utility companies.

Apr 28, 20256 min read
Incident Analysis

PowerSchool Breach: 62M Students, $2.85M Ransom, Cascading Extortion

PowerSchool's December 2024 breach exposed data on roughly 62M students and 9.5M teachers through a compromised support-portal credential and triggered downstream extortion of school districts months later.

Mar 12, 20256 min read
Incident Analysis

Snowflake Customer Data Breaches: 165 Organizations Hit by Credential Theft Campaign

Attackers used stolen credentials from infostealer malware to access Snowflake customer accounts without MFA, compromising data at Ticketmaster, Santander, AT&T, and over 160 other organizations.

Jun 10, 20245 min read
Threat Intelligence

OpenAI Internal Breach: What the 2023 Forum Hack Reveals About AI Company Security

Reports emerged that a hacker accessed OpenAI's internal messaging systems in early 2023, raising questions about AI company security practices and the risks of concentrated AI development.

Jun 5, 20246 min read
Incident Analysis

Dell Data Breach Exposes 49 Million Customer Records via API Abuse

In May 2024, Dell Technologies disclosed a breach exposing 49 million customer records after a threat actor exploited a partner portal API to scrape names, addresses, and purchase details, then attempted to sell the data online.

May 10, 20247 min read
Incident Analysis

Sisense Data Breach: When Your Analytics Platform Becomes the Threat

CISA issued a rare advisory urging Sisense customers to reset credentials after attackers compromised the business intelligence platform, potentially accessing customer data across thousands of organizations.

Apr 15, 20245 min read
Incident Analysis

AT&T Data Breach: 73 Million Customer Records Surface on the Dark Web

In March 2024, AT&T confirmed that a dataset containing personal information of approximately 73 million current and former customers, including encrypted passcodes, had been published on the dark web, three years after its initial appearance.

Mar 30, 20247 min read
Incident Analysis

Change Healthcare Breach: The Worst Healthcare Data Breach in U.S. History

In February 2024, a ransomware attack on Change Healthcare paralyzed the U.S. healthcare payment system for weeks and ultimately exposed the personal health data of over 100 million Americans, making it the largest healthcare data breach ever recorded.

Feb 21, 20247 min read
Incident Analysis

Bank of America Breach via Infosys McCamish Exposes 57,000 Customers

In February 2024, Bank of America disclosed that a ransomware attack on its service provider Infosys McCamish Systems had compromised the personal and financial data of over 57,000 customers, highlighting the cascading risk of vendor supply chain attacks.

Feb 12, 20248 min read
Incident Analysis

Trello API Scraping Exposes 15 Million User Accounts

In January 2024, a threat actor used an insecure Trello API endpoint to scrape and correlate email addresses with Trello account data for over 15 million users, then posted the dataset on a hacking forum.

Jan 22, 20247 min read
Incident Analysis

VF Corporation Ransomware Attack Disrupts Vans, North Face, and Timberland

In December 2023, VF Corporation, parent company of Vans, The North Face, and Timberland, suffered a ransomware attack that disrupted order fulfillment and exposed personal data of 35.5 million customers during the critical holiday shopping season.

Dec 18, 20237 min read
Incident Analysis

Xfinity Breach via Citrix Bleed Exposes 35.9 Million Customers

In December 2023, Comcast's Xfinity division disclosed that attackers exploiting the Citrix Bleed vulnerability had accessed personal data of 35.9 million customers, including usernames, hashed passwords, and partial Social Security numbers.

Dec 18, 20237 min read
data-breach (Page 2) — Safeguard Blog