Data breach stories

Keeper Security launches Verify Mode for enterprise browser extension, warning users before passwords are entered on suspicious sites to curb phishing logins.

Avatier unveils offline Identity Challenge Card as firms seek fallback access after Stryker hack exposes MFA weaknesses.

Unpatched VPN gateways are leaving organisations open to ransomware and outages, as modern Zero Trust access cuts off the exposed front door.

Cohesity deepens Google Cloud partnership with new AI and cyber recovery features as it lands 2026 Partner of the Year honour.

The Gentlemen ransomware group has surged to second place in 2026 by victim count, with Check Point saying it may be far larger than its public tally.

Critical Microsoft flaws double as Azure and Dynamics 365 risks surge, BeyondTrust warns organisations to prioritise identity and privilege controls.

ShareGate survey finds AI tools have surfaced sensitive data at 29% of firms, exposing a widening gap between confidence in governance and reality.

Vercel says an attack on a third-party AI tool let hackers hijack a staff Google Workspace account and reach internal systems.

Survey finds most enterprises are struggling to control AI agents, with hidden systems, data exposure and weak decommissioning processes raising risk.

UK firms race ahead with Microsoft Copilot, but ShareGate survey finds AI tools are exposing sensitive data and exposing governance gaps.

Anthropic's Mythos spots corporate network attacks in hours, while security experts warn unmanaged AI agents are becoming a critical enterprise risk.

ReliaQuest says suspected former Black Basta operators are bombarding staff with emails and posing as IT support in Microsoft Teams to reach senior executives.

SMBs already own the tools, but cyber breaches keep breaking through because patchwork security, weak access controls and over-trust still leave gaps.

Booking.com tells some customers to watch for phishing after suspicious activity exposed reservation details, contact data and messages linked to bookings.

Certes says v7 extends quantum-safe data protection to edge systems, letting organisations secure hybrid workloads without application rewrites.

Identity failures are now the main way cyber attackers breach firms, with experts warning that non-human credentials are widening the risk.

Hiscox says UK SMEs often face repeat ransomware demands after paying, with many still forced to rebuild systems and suffer fresh disruption.

TrendAI urges stronger AI governance as it shifts cybersecurity from fear-based selling to platformised risk reduction for Australian firms.

Commvault adds structured database controls to Commvault Cloud after Satori deal, aiming to curb AI-era exposure across live and backup data.

Asia-Pacific firms warned that weak backup controls, poor endpoint hygiene and legacy systems could worsen ransomware losses and breach penalties.