DataBreachToday.com

Researcher: Internal Data Belonging to World’s Largest Lender Exposed on AWS
Navy Federal, the world’s largest credit union, left hundreds of gigabytes of internal backup files exposed on Amazon’s cloud storage service, says cybersecurity researcher Jeremiah Fowler. Exposed data included email addresses, hashed passwords and what appeared to be internal system data.

Acquisition Targets Business Email Compromise, Impersonation and Spear-Phishing
Varonis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.

Orthopedic Group, Medical Imaging Centers, Home Healthcare Provider Report Breaches
Specialty healthcare providers know what they're about when it comes to an irregular heartbeat or a wheezing lung. Cybersecurity, not so much. Hacks on specialty medical entities easily result in tens of thousands, if not hundreds of thousands, or even millions, of patient records being compromised.

Gap in Microsoft Blocklist Exploited, ValleyRAT Runs Undetected
A Chinese nation-state cyber group is exploiting a Microsoft-signed driver to shut down Windows security protections. The attackers deployed the driver through a custom loader. The core weakness that Silver Fox relied on remained exploitable even after patching.

'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn Experts
Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customers Zscaler and Palo Alto Networks.

Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI Giant
Artificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.

No Law Enforcement Information or Austrian Personal Data Compromised, Officials Say
The Austrian government said a "targeted and professional" hack attack breached about 100 government email accounts in its interior ministry, which is chiefly responsible for public safety. Attackers also stole data, although officials said no law enforcement or personal data was exposed.

FBI Seizes Domains; Dutch Police Analyzing Seized Data to Identify Admin and Users
An international law enforcement operation involving the FBI and Dutch police has shuttered VerifTools, a "key" platform for generating fake identification documents cops have tied to multiple help desk fraud, cryptocurrency theft and other cybercrime cases.

Also: Netskope's High-Stakes IPO, How AI Sovereignty Threatens Our Shared Reality
In this week's update, four ISMG editors discussed explosive whistleblower claims about alleged mishandling of Americans' sensitive U.S. Social Security data, Netskope's push for an initial public offering and the global fight over the geopolitical sovereignty of artificial intelligence platforms.

Absolute Dental Says Breach Involved Third-Party Managed Services Firm
A Nevada dental practice is notifying more than 1.2 million individuals of a hacking incident that compromised sensitive health and personal information. The incident involved "inadvertent execution of a malicious version of a legitimate software tool," said Absolute Dental.

Defense Department Suspends, Reviews Microsoft 'Digital Escorts' Program
The Pentagon is reviewing Microsoft's decade-long use of "digital escorts" - U.S.-based staff who review code from Chinese engineers - into military cloud systems, a workaround now deemed a "breach of trust" that may have exposed sensitive but unclassified government data.

Cisco Visionary, HPE Juniper Challenger in Inaugural Hybrid Mesh Firewall Ranking
Network security behemoths Palo Alto Networks, Fortinet and Check Point Software topped Gartner's first-ever Magic Quadrant for hybrid mesh firewalls. Gartner said the firewall market is moving toward centralized orchestration, interoperability and AI-powered automation.

FPT's Leonard Bertelli on the Shift From Reactive Monitoring to Predictive Insight
Observability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.

AI Giants Evaluated Each Other's Newer Models for Safety Risks
OpenAI and Anthropic evaluated each other's AI models in the summer, testing for concerning behaviors that could indicate misalignment risks. Both companies released their findings simultaneously: no model was severely problematic, but all showed plenty of troubling behavior in testing scenarios.

Oslo University Hospital CSO Torkel Thune on Nordic Threat Landscape
Torkel Thune, head of the department for architecture, operational IT security and chief security officer at Oslo University Hospital, discusses how global shifts are affecting cybersecurity for the Nordic region, and how healthcare is especially vulnerable.

CISO Tammy Klotz Discusses the Value of Peer Support in Advance of ManuSec 2025
Manufacturers face many challenges in securing OT and IT systems, from legacy technology to managing vulnerabilities. Tammy Klotz, CISO at Trinseo and last year's ManuSec Summit event chair, discusses the value of sharing firsthand insights with a cybersecurity community.