Date of Incident: 2025 Overview: The Iron Mountain Data Breach occurred in 2025 and was reported on February 3, 2026. It involved unauthorized access to marketing materials due to compromised credentials. The breach was limited to a single folder, with no customer confidential data, sensitive information, ransomware, or malware involved. The MITRE ATT&CK framework identified… Read More »Iron Mountain Data Breach
Date of Incident: January 2026 Overview: In January 2026, Panera Bread experienced a data breach that exposed 5.1 million unique email addresses and associated personal information such as names, phone numbers, and physical addresses, along with the personal data of over 26,000 employees. The breach occurred due to a vulnerability in Panera Bread’s customer database,… Read More »Panera Bread Data Breach
Date of Incident: January 27, 2026 Overview: The NationStates data breach, reported on February 2, 2026, involved an unauthorized remote code execution on the company’s production server on January 27, 2026. Attackers accessed and copied user data, including email addresses, MD5 hashed passwords, IP addresses, UserAgent strings, and potential private messages. The website was taken… Read More »NationStates data breach
Date of Incident: August 2025 Overview: In August 2025, a breach involving SonicWall’s cloud backup led to a ransomware attack on Marquis Software Systems, significantly impacting numerous US banks and credit unions. The attack exploited vulnerabilities in SonicWall’s firewall management system. Threat actors gained unauthorized access, stole firewall configuration files, and used them for lateral… Read More »SonicWall cloud backup hack leading to Marquis ransomware attack
Date of Incident: 2023 Overview: In 2023, Match Group experienced a data breach attributed to the ShinyHunters threat group, which leaked approximately 1.7 GB of files containing data on 10 million users from brands like Hinge, Match, and OkCupid. The breach involved unauthorized access through valid credentials, exploiting technique T1078 (Valid Accounts), but there was… Read More »Match Group Data Breach