%term

The Inaugural 2026 State of the Breach Report

Jan 14, 2026 By Guy Bejerano In SafeBreach

To kick off 2026, I’m proud to share that we’ve released the inaugural edition of the SafeBreach State of the Breach Report. This report has roots going back over 11 years when SafeBreach was originally founded. Even then, our goal was always to empower security leaders to better understand the efficacy of their security programs and make data-driven decisions—no more guessing what to do.

Read Post

SafeBreach

Read more about The Inaugural 2026 State of the Breach Report

Top 25 Cybersecurity Breaches in the UK: What Went Wrong

Jan 13, 2026 By Shail Yadav In CYJAX

A deep dive into the UK’s most significant cybersecurity breaches, examining how they happened, what went wrong, and the lessons organisations can learn. From household brands to public institutions, these incidents reveal the real cost of poor cyber resilience.

Read Post

CYJAX

Read more about Top 25 Cybersecurity Breaches in the UK: What Went Wrong

Why the Target Breach Wasn't a Detection Failure - It Was Prioritization | Garrett Hamilton at UCI

Jan 8, 2026 By Reach Security In Reach Security

Nicole Perlroth asks Garrett how Reach's involvement would have impacted the breach with Target. Attackers came in through a third-party HVAC vendor. Credentials were compromised. Alerts fired. But nothing rose to the level of urgency it deserved. As Garrett Hamilton explains at UCI, this is where security breaks down—not detection, but prioritization. Most teams keep investing in reacting faster inside the SOC. The harder (and more effective) shift is upstream: reducing the exhaust before it ever hits the console.

View Video

Reach Security

Read more about Why the Target Breach Wasn't a Detection Failure - It Was Prioritization | Garrett Hamilton at UCI

What You Need to Know about the Covenant Health Data Breach

Jan 8, 2026 By IDStrong In IDStrong

Founded in 1983 as a non-profit health care system, Covenant Health, Inc. sponsors skilled nursing homes, hospitals, assisted living residences, rehabilitation centers, and some health and elder services across New England.

Read Post

IDStrong

Read more about What You Need to Know about the Covenant Health Data Breach

Zestix Threat Actor Profile | TTPs, Victims, and Breach Activity

Dec 29, 2025 By Gemma Goldstein In Cyberint

Zestix is identified as a criminal threat actor primarily motivated by personal gain. The actor first emerged in September 2025 and operates at an intermediate resource level, functioning as an individual. Zestix has been involved in significant data breaches, notably targeting organizations in the transportation and government sectors.

Read Post

Cyberint

Read more about Zestix Threat Actor Profile | TTPs, Victims, and Breach Activity

What You Need to Know about the Aflac Data Breach

Dec 29, 2025 By IDStrong In IDStrong

The American Family Life Assurance Company of Columbus (Aflac) is a Fortune 500 company that provides financial protection through supplemental life and health insurance products to millions of individuals worldwide. Founded in 1955, the company serves policyholders and customers through its subsidiaries in the United States and Japan.

Read Post

IDStrong

Read more about What You Need to Know about the Aflac Data Breach

What You Need to Know about the University of Phoenix Data Breach

Dec 24, 2025 By IDStrong In IDStrong

The University of Phoenix was founded in 1976 and is headquartered in Phoenix, Arizona, as a private, for-profit university designed for working adults and non-traditional students balancing family, career, and education. Accredited by the Higher Learning Commission, the institution later became one of the first online universities, offering personal support, career guidance, and flexible learning opportunities through over 100 programs.

Read Post

IDStrong

Read more about What You Need to Know about the University of Phoenix Data Breach

The Breach You Didn't Expect: Your AppSec Stack

Dec 22, 2025 By Jens Eckels In JFrog

Imagine this. Your phone rings on January 2nd, and it’s your DevSecOps and AppSec groups. A major security vulnerability is exposing your business, and your teams are trying desperately to find and fix it to protect your data. You probably have scars as far back as Log4j, as well as threats from more recent incidents like npm attacks, Glassworm and others ringing in your ears. With CVEs expected to rise by tens of thousands a year, you can envision that the situation will only worsen.

Read Post

JFrog

Read more about The Breach You Didn't Expect: Your AppSec Stack

When Customer Data Quietly Walks Out the Door: Lessons from the Coupang Breach

Dec 19, 2025 By Chris Martinez In Nightfall

Large data breaches rarely begin with dramatic system failures. More often, they start with sustained, unauthorized access to sensitive data that goes undetected for months. The recent breach at Coupang, South Korea’s largest e-commerce platform, illustrates this pattern clearly. Nearly 34 million customer records were likely exposed over an extended period before detection.

Read Post

Nightfall

Read more about When Customer Data Quietly Walks Out the Door: Lessons from the Coupang Breach

Cybersecurity Predictions for 2026: Human Risk, AI Data Leaks, and the Next Big Breach

Dec 18, 2025 By Greg Pollock In UpGuard

Looking back at 2025, two mega-trends from the past have continued: First, data breaches remained a constant and continued to trend upward; and second, there was once again a headline disaster no one anticipated. The first point needs no elaboration; data breaches are like air pollution—an accepted nuisance that only occasionally becomes so severe that we wonder why we live like this. For the second point, I gesture toward the major incidents of recent years. MoveIt. Crowdstrike. Snowflake.

Read Post