The 2025 Memorial Day weekend was filled with some big cybersecurity news headlines. Here’s what you might have missed:
A major database containing login information for over 184 million accounts across applications including Microsoft, Facebook, Snapchat, Instagram, Roblox, Apple, and more was recently discovered by security researcher Jeremiah Fowler.
The owner of the database has not been identified, but Fowler believes that the database shows “multiple signs” that the data was stolen and compiled by malicious actors.
(–Source: TechRadar
Read More: Login and password details for Apple, Google and Meta accounts found in huge data breach of 184 million accounts | TechRadar )
An unauthorized third-party stole personal information from Adidas customers through a third-party customer service provider. The stolen data “mainly consists” of contact information belonging to customers who reached out to the sportswear brand’s help desk, and does not appear to have compromised any customer payment information.
The company is currently working on notifiying affected customers as well as law enforcement.
(–Source: BBC on MSN
Read More: Adidas says customer data stolen in cyber attack )
In early January of this year, cloud-based school operations software, PowerSchool, began notifying school districts using the program of a data breach which is claimed to have compromised the personal information of over 62.4 million students and 9.5 million teachers. The hacker who carried out the attack, a 19-year-old college student in Massachusetts, is now facing up to 17 years in prison.
Matthew D. Lane is being charged with hacking, extortion, and identity theft charges and plans to plead guilty. PowerSchool is facing at least 23 class-action lawsuits related to this breach.
(–Source: Data Breach Today
Read More: College Student to Plead Guilty to Hacking PowerSchool )
The Everest ransomware group is claiming to have stolen personal information belonging to Coca-Cola employees, as well as internal company documents. Coca-Cola is likely investigating this claim after the ransomware group posted screenshots of the stolen material on their dark web leak site.
(–Source: Security Daily Review
Read More: Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group – Security Spotlight )
After a security incident, the nature of which is currently unknown, Victoria’s Secret suspended its website and some in-store services “as a precaution” earlier this week.
The retailer worked quickly to enact its response protocols and is currently investigating the incident. While customers online reported issues with coupon use and order tracking, in-store sales operations continue to function as normal.
(–Source: Newsweek on MSN
Read More: Victoria’s Secret website shut down: What to know about security breach )
ConnectWise confirmed its remote access and support software ScreenConnect, was targeted by a “sophisticated nation-state actor.”
The developer said that ScreenConnect has now been patched and “enhanced monitoring and hardening measures” have been implemented. As of right now, no specific details have been released about the incident, but ConnectWise has confirmed that no other suspicious activity has been detected and an investigation has been launched.
(–Source: Infosecurity Magazine
Read More: ConnectWise Confirms Hack, “Very Small Number” of Customers Affected – Infosecurity Magazine )
