Cybersecurity Breaches: Recent High-Profile Cases in the month of February 2025

OpenAI Data Breach – Threat Actor Allegedly Claims 20 Million Logins for Sale

Threat actors from dark web forums claim to have stolen and leaked 20 million OpenAI user login credentials, potentially making OpenAI the latest high-profile target of a significant data breach. This alleged breach has raised serious concerns among tech users and cybersecurity experts worldwide.

The alleged breach includes a sample of login credentials (emails and passwords) being offered for sale for just a few dollars.

While the claims have not yet been officially confirmed or denied, cybersecurity experts are urging caution.

Hackers often make exaggerated claims in such forums to attract attention or buyers, but the potential scale of this breach is significant enough to warrant immediate concern.

Immediate Steps for Users

While the investigation unfolds, OpenAI users are strongly advised to take the following precautions:

  1. Change Passwords: Update account passwords immediately and consider enabling two-factor authentication (2FA) for additional security.
  2. Monitor Activity: Keep an eye on your account for any unusual activity or unauthorized usage.
  3. Beware of Phishing Scams: Threat actors may exploit the situation by launching phishing attacks, prompting users to reveal further sensitive information.

US Employee Background Check Firm Hacked, 3 Million Records Exposed

DISA Global Solutions, a Houston-based provider of employee background checks and workplace safety services, disclosed a significant cybersecurity incident exposing the personal information of over 3.3 million individuals, including 15,198 Maine residents.

The breach occurred on February 9, 2024, but was not detected until April 22, 2024, according to a data breach notification filed with the Maine Attorney General’s office.

The compromised data includes names combined with other personal identifiers, heightening risks of identity theft and financial fraud.

Kenya data breach: fingers point to Moldovan firm, B2Bhint

As Africa becomes a hotbed for cyber-attacks, a little-known Moldovan firm allegedly exploited a weakness in Kenya’s government-owned Business Registration Service (BRS) to gain access to sensitive data of major shareholders in registered firms, according to Business Daily.

BRS is the sole custodian of a list of all companies and information for entities registered in Kenya.

According to Business Daily, B2Bhint, a Moldovan business intelligence firm, was selling a ‘goldmine’ of data of prominent shareholders in two million companies yesterday, including residential addresses, emails, and phone numbers.

Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers

A cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12 million users, marking the second major breach for the financial services firm since 2022.

The compromised information includes email addresses, phone numbers, names, IP addresses, physical addresses, and weakly protected password hashes, raising concerns about identity theft and credential-stuffing attacks.

MGM Resorts International Agrees to Pay $45 Million to Settle a Consolidated Data Breach Lawsuit

MGM Resorts International has agreed to pay $45 million to settle a data breach lawsuit stemming from cybersecurity incidents in 2019 and 2023 that exposed the personal information of 37 million people.

The 2023 ransomware attack also affected other recreation facilities, including Caesars Entertainment, and was claimed by the Russian ransomware gang Scattered Spider.

A federal judge in the U.S. District Court for the District of Nevada approved the preliminary settlement pending final confirmation.

Stablecoin Bank Hacked – Hackers Stole $49.5M in Attack

In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year. 

The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH ($2,800 per unit), and funneling funds to wallet 0xfcc8…6e49 within 75 minutes. 

The incident precipitated immediate market dislocations: USDC depegged 0.2% to $0.998, DAI gained 0.05%, and ETH prices swung 2% amid surging volumes.

Engineering firm IMI hit with cyber attack just days after Smiths Group incident

Birmingham-based engineering firm IMI has revealed that it has been hit by a cyber attack.

The FTSE-100 firm said the incident involved unauthorised access to its systems, but gave no further details.

“As soon as IMI became aware of the unauthorised access, the company engaged external cybersecurity experts to investigate and contain the incident. In parallel, the company is taking the necessary steps to comply with our regulatory obligations,” it said.

The company said that customers and staff had been informed about the incident.

Massive Data Breach Exposes Americans’ Financial Details — Names, Card Numbers, PINs and More at Risk

The Office of the Maine Attorney General announced that a significant cybersecurity breach has exposed the personal, medical and financial records of more than 569,000 Americans.

What Happened: The California-based non-profit organization NorthBay Healthcare Corporation fell victim to an external system breach. The unauthorized entity infiltrated the firm’s computer systems from January 11 to April 1, 2024.

According to the report by the Office of the Maine Attorney General, the breach laid bare sensitive data such as names, birthdays, Social Security numbers, passport numbers, financial account numbers, medical and biometric information, health insurance details, driver’s license numbers, and state or other government-issued identification numbers.

The intruders also procured usernames and passwords, credit or debit card numbers, expiration dates, security codes, and personal identification numbers (PINs).

Raymond Reports Cyber Security Incident Affecting IT Assets

Real estate firm Raymond Ltd on Wednesday reported a cyber security incident at the company that impacted some of its IT assets.

In a regulatory filing, Raymond Ltd said that “a cyber security incident has occurred at the company and it has impacted some of the IT assets which have been isolated.”

“The incident has not impacted our core systems and operations,” it added.

“None of our customer operations and store operations have been affected and the same are up and running normally,” the company said.

Grubhub Data Breach

Data breaches have become an increasingly common concern in today’s digital age. Recently, Grubhub, a leading food delivery platform, confirmed a security breach that has exposed users’ personal information. An unauthorized individual gained access to the personal details of customers, drivers, and merchants who had interacted with Grubhub’s customer care service. Campus diners using Grubhub’s Campus Dining service were also affected.

The compromised data included personal details such as names, email addresses, and phone numbers. For some campus diners, partial payment card information, specifically the card type and the last four digits of the card number, was also accessed. Hashed passwords for certain older systems were compromised. Grubhub has since terminated access to the compromised account and removed the service provider from its systems.

Genea IVF Clinic Breached – Thousands of Patients’ Data at Risk

Genea, one of Australia’s largest IVF providers, has confirmed that an unauthorized third party accessed its systems, potentially compromising sensitive patient data. 

The breach has left thousands of patients uncertain about their treatment schedules and medication plans, as critical digital platforms and phone lines remain inoperable.

Cyberattack on Australia’s Genea: Stolen Patient Data Hits the Dark Web

The Termite ransomware group has allegedly leaked sensitive patient data following the Genea cyberattack, targeting one of Australia’s leading fertility providers. On February 26, 2025, the Termite ransomware group claimed responsibility for breaching Genea Pty Ltd’s systems.  

The group claims to have stolen 700GB of data from 27 of the company’s servers, potentially compromising sensitive personal information. The released data, which includes financial documents, invoices, medical reports, personal identification records, and questionnaires, appears to contain Protected Health Information (PHI), including medical histories and personal details.

Cyber incidents hit Cleveland Municipal Court, Maryland county

Operations of the Cleveland Municipal Court have been interrupted since Monday following a cyberattack that prompted the shutdown of all its internal systems and software platforms, according to The Record, a news site by cybersecurity firm Recorded Future.

Cleveland Municipal Court’s system takedown has been implemented “as a precautionary measure” amid ongoing efforts to investigate the nature and extent of the incident, as well as to restore affected services, said court officials.

Philippine Army Detects Cyberattack on Network Infrastructure

Days before the army’s disclosure, Philippine-based digital security advocacy organization Deep Web Konek announced an incident that compromised the army’s network capabilities and leaked “highly sensitive personal and operational data of military personnel.”

The stolen data included about 10,000 pieces of critical information from active and discharged service members between 2018 and 2024, according to Deep Web Konek.

Angel One Data Breach: 8 Million Users Personal Records at Risk

Angel One, a leading financial services platform, disclosed a breach involving unauthorized access to specific client data after some of its Amazon Web Services (AWS) resources were compromised.

The incident was discovered on February 27, 2025, when the company received alerts from its dark-web monitoring partner about a potential data leakage.

Threat actors claimed the leak on multiple hacker forums.

Chinese Hackers Breach Belgium State Security Service as Investigation Continues

Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date.

For nearly two years, a group of Chinese hackers exploited a vulnerability in Barracuda’s Email Security Gateway Appliance, a cybersecurity tool used by the VSSE, to access approximately 10% of the agency’s email traffic.

The breach, which also impacted the Belgian Pipeline Organisation, was first revealed in 2023 by Knack and Datanews, but its full extent has only now come to light.

Although classified information appears to have been spared, the hackers potentially compromised personal data belonging to nearly half of the VSSE’s personnel.

The internal investigation has so far failed to determine precisely what data was stolen.




