Recent Breaches

Bounty, the pregnancy and parenting club, has been fined £400,000 for illegally sharing personal information belonging to more than 14 million people. The Information Commissioner’s Office found Bounty had breached the Data Protection Act by sharing 34.4 million...

As many as 6,600 customers of online contact lens shop Vision Direct are at risk of having their personal details, including financial information, stolen in a November data breach. A total of 16,300 people were thought to be at risk of the breach, although 9,700 of...

As many as 500 million customers of hotel giant Marriott may have had their personal data compromised, and for an undisclosed number that could have include payment card numbers and expiry dates. The hotel chain said that those card numbers were encrypted with...

Up to 100 million Quora user accounts have been compromised after hackers breached the systems of the question-and-answer website. Quora CEO Adam D'Angelo revealed in a blog post that the company discovered "some user data was compromised as a result of unauthorised...

Major figures from the German political establishment - minus the far-right Alternative für Deutschland - have been victim to a wide-ranging cyber attack that has affected hundreds of Germany politicians as well as stealing personal data from celebrities and...

An EE employee accessed his ex-girlfriend's mobile account, switched her number to a new handset and changed her registered address so that all her texts and calls made to her were instead sent to him. The perpetrator also gained access to her bank details and new...

A cyber security researcher has discovered the largest ever collection of leaked data, an 87GB package of 12,000 files, including more than 772 million email addresses and 21 million passwords. Troy Hunt, who runs the Have I Been Pwned website, found the trove after...

Mumsnet users were accidentally logged into the accounts of strangers after a botched software change that was part of the company's move to the cloud. Between 2pm on 5 February and 9am on 7 February, any users logged into the site could have had their account...

written by Luke Graham at City A.M. Back in December, I wrote an article asking why, six months after the European Union’s General Data Protection Regulation (GDPR) had come into force, we had not yet seen any major fines or punishments for firms that had misused or...