Best of Data Breach, September 2025

  1. Article
    The Hacker News · 34w

    How One Bad Password Ended a 158-Year-Old Business

    KNP Logistics, a 158-year-old UK transport company, was forced into administration after the Akira ransomware group gained access through a weak, easily guessed employee password. The attackers encrypted critical data, destroyed backups, and demanded a £5 million ransom, leading to 700 job losses. The incident highlights how basic security failures can destroy established businesses, with 45% of compromised passwords being crackable within a minute. Strong password policies, multi-factor authentication, zero-trust architecture, and tested backup systems are essential defenses against such attacks.

  2. Article
    Troy Hunt · 33w

    Welcoming CERN to Have I Been Pwned

    CERN, the birthplace of the World Wide Web and home to the Large Hadron Collider, has joined Have I Been Pwned as the 41st intergovernmental organization. This partnership provides CERN with free access to query breach data across all their domains, helping protect their staff from online threats. The announcement highlights CERN's unique position as an intergovernmental organization that transcends national borders while facing the same cybersecurity challenges as sovereign governments.

  3. Article
    Dickson A. · 34w

    Y Combinator Bot Secrets Leak

    Y Combinator experienced a security incident where bot secrets were compromised and exposed. The organization responded quickly to address the vulnerability, and the related GitHub issue has since been removed.