Category: Data Breach
-
Aura’s 900K-Record Data Breach Proves the Best Data Protection Is Local Deletion
Quick Story Summary In March 2026, Aura confirmed a breach affecting ~900,000 records after a one-hour vishing attack compromised a single employee account. Exposed data included names, emails, phone numbers, addresses, IPs, and support comments; no SSNs, passwords, or financial data were accessed. Most records (~865,000) came from a legacy marketing database inherited via a…
-
Discord Bulk Deletions Surge 350% After Global ID Verification Announcement
When Discord announced its global age verification rollout on February 9, user backlash was immediate. Within 48 hours, we observed a dramatic shift in behavior on our platform: Discord-related traffic to Redact surged 350%. This isn’t just reflected in a push from Discord users to delete their data, but in a massive spike in search…
-
Discord Says Most Users Won’t Need to Verify Their Age – Here’s What They’re Not Telling You
Quick Story Summary After backlash to its global age verification announcement, Discord clarified that most users will not need to upload ID or complete a face scan. Instead, Discord relies on a background “age inference model” that profiles user behavior to classify accounts as adult or teen. The model analyzes signals like account tenure, device…
-
Discord’s Global Age Verification Rollout: What It Means for Your Privacy
📌 Update – February 11, 2026 After significant backlash, Discord updated its press release, now saying “the vast majority of people” can keep using the platform without verifying their age; contradicting its original teen-by-default framing. Instead, Discord is emphasizing a background “age inference model” that silently analyzes behavior to estimate age, with face scans and…
-
Instagram Password Reset Emails – 17.5 Million Instagram Accounts Exposed
Quick Story Summary A leak affecting roughly 17.5 million Instagram accounts (from 2024) is being used to fuel waves of unexpected password reset emails. The exposed dataset reportedly includes emails, phone numbers, and sometimes location-related data—enough to enable targeted scams and account takeover attempts. Researchers say attackers harvested the data via an API-based scraping leak,…
-
OpenAI Confirms Third-Party Data Breach Through Mixpanel: What Users Need to Know
OpenAI has disclosed a new security incident – this time not within its own systems, but through Mixpanel, a third-party analytics provider. The breach exposed limited user-identifiable information tied to OpenAI API accounts, raising fresh concerns over vendor security, data minimization, and the privacy expectations we place on AI companies. According to OpenAI’s notification email…
-
Hacked UC Berkeley Data Allegedly for Sale on a Cybercrime Forum Raises Questions the University Refuses to Answer
A look at the claims, the actors amplifying them, and the absence of a formal campus disclosure On July 31, 2025, a dark-web monitoring firm said a “full university database” tied to UC Berkeley had been put up for sale. Within days, another cyber-intel team published a summary of a forum listing that allegedly offered…
-
Toys “R” Us Canada confirms customer data leak after dark-web post
The retailer says names, addresses, emails, and phone numbers were copied from a customer database. Passwords and payment data were not included, according to notices sent this week. What happened, in brief What data was exposed Notices and media reports state the leaked dataset includes names, mailing addresses, email addresses, and phone numbers. Current reporting…
-
“Cancel the Hate” app leaked user data
What is this app? “Cancel the Hate” was an app tied to a website that invited people to submit reports about individuals accused of criticizing activist Charlie Kirk. According to Straight Arrow News, it launched shortly after the Sept. 10 shooting of Kirk and asked users to provide names, locations, and employers of alleged offenders.…
-
70,000+ Government IDs Leaked in Discord x Zendesk Breach
Story summary: Customer support data tied to Discord was exposed after a Zendesk vendor account was compromised. Leaked items include uploaded documents and attachments, including government ID images for account appeals. Impact review is ongoing while Discord contacts affected users and rotate internal credentials. What’s next? Watch for official notices sent to your account email…