Grayback Forestry Data Breach Notice to Consumers
The Vermont Attorney General's office has published a data breach notice from Grayback Forestry to consumers. This notice informs consumers about a security incident that may have compromised their personal information.
Trinity Health Data Breach Notice to Consumers
The Vermont Attorney General's office has published a data breach notice from Trinity Health to consumers. This notice informs consumers about a data security incident affecting their personal information.
Shambhala USA Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Shambhala USA, dba Karme Choling, to consumers. The notice informs consumers about a data security incident that may have compromised personal information.
Philadelphia Corporation for Aging Data Breach Notice
The Vermont Attorney General's Office has published a data breach notice concerning the Philadelphia Corporation for Aging. This notice informs consumers about a data security incident that may have affected their personal information.
Hypertherm Data Breach Notice to Consumers
The Vermont Attorney General's Office has published a data breach notice from Hypertherm to consumers. This notice informs consumers about a data security incident that may have impacted their personal information. The document serves as an official notification regarding the breach.
TEMPTU Inc. Data Breach Notification for North Dakota Residents
TEMPTU Inc. has notified the North Dakota Attorney General of a data security incident affecting two residents. The breach, discovered on December 18, 2018, potentially exposed credit card numbers and names of individuals who used their cards on TEMPTU's website between November 1 and November 21, 2018.
North Country Business Products Data Security Incident Notification
North Country Business Products is notifying the North Dakota Attorney General's office of a data security incident affecting an undetermined number of North Dakota residents. The incident involved malware deployed to business partners' restaurants, potentially exposing credit and debit card information.
CHS Inc. Data Breach Notification
CHS Inc. notified the North Dakota Attorney General's office of an inadvertent disclosure of personal information of North Dakota residents on March 11, 2019. The disclosure involved employee and dependent data sent to a vendor via email, which was promptly deleted and confirmed as not accessed.
North Dakota Data Breach Notification - ShareThis
ShareThis, Inc. has notified the North Dakota Attorney General of a data security incident that may have affected personal information of North Dakota residents. The incident, believed to have occurred in July 2018, may have exposed names, email addresses, hashed passwords, and birth dates. ShareThis is providing notice to affected individuals and offering guidance on identity theft protection.
Decisely Insurance Data Breach Compromised PII, SSN
Decisely Insurance reported a data breach in June 2025 that may have compromised personal information, including PII and SSNs. The NJCCIC advises affected individuals to review guidance on identity theft and compromised PII.
Sax LLP Data Breach Impacts 228,000 Individuals
Sax LLP, a financial services firm, disclosed a data breach affecting over 228,000 individuals nationwide. The breach, identified in August 2024, compromised personal information including names, dates of birth, and Social Security numbers. Affected individuals are being notified.
Monroe University Data Breach Affects 320,000 Individuals
Monroe University disclosed a data breach affecting over 320,000 individuals, with personal, financial, and health information acquired by threat actors. The university has begun notifying affected individuals, and the NJCCIC recommends reviewing guidance on compromised PII.
Prosper Marketplace Data Breach Notification
The NJCCIC has issued a notice regarding a data breach at Prosper Marketplace, Inc., a fintech company. The breach, which occurred between June and August 2025, compromised sensitive personal information including SSNs and bank details for impacted individuals. Affected individuals are advised to review identity theft resources.
700Credit Data Breach Exposes PII and SSN
700Credit disclosed a data breach affecting its 700Dealer.com application, exposing PII and Social Security numbers. The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) advises affected individuals to review guidance on identity theft and compromised PII.
Iowa Security Breach Notifications - 2024
The Iowa Attorney General's office has published a list of 64 security breach notifications reported in 2024. This notice serves as a public record of organizations that have experienced data breaches and reported them to the state.
Iowa Security Breach Notifications - 2023
The Iowa Attorney General's office has published a list of security breach notifications reported in 2023. This notice serves as a public record of incidents affecting Iowans, providing details on the organizations involved and the dates of reported breaches.
Iowa Attorney General 2022 Security Breach Notifications
The Iowa Attorney General's office has published its 2022 list of security breach notifications. The data indicates 32 breaches occurred, resulting in the compromise of approximately 2.6 million records. This notice serves as a public record of these incidents.
Iowa Security Breach Notifications - 2025
The Iowa Attorney General's office has published its list of security breach notifications for 2025. This notice provides a public record of organizations that have reported data breaches affecting Iowa residents, including links to official notification documents.
Iowa Security Breach Notifications - 2026
The Iowa Attorney General's office has published a list of six data breaches reported in early 2026. These notifications are part of the state's ongoing consumer protection efforts regarding security incidents.
Node.js Multiple Vulnerabilities Security Patches
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Node.js versions 20.x, 22.x, 24.x, and 25.x. Security patches are scheduled for release on March 24, 2026, to address these issues.
Apple Products Vulnerability: Security Policy Bypass
CERT-FR has issued a security advisory regarding a vulnerability discovered in Apple products, including iOS, iPadOS, and macOS. The vulnerability allows for a security policy bypass. Users are advised to refer to Apple's security bulletin for patch information.
Citrix XenServer Vulnerability Allows Security Policy Bypass
CERT-FR has issued an advisory regarding a vulnerability in Citrix XenServer (CVE-2026-23554) that allows for security policy bypass. The advisory urges users to apply security patches provided by Citrix to affected systems.
GLPI Vulnerabilities: SQL Injection, Security Bypass
CERT-FR has issued a security advisory regarding multiple vulnerabilities in GLPI software, versions prior to 11.0.6. These vulnerabilities include SQL injection and security bypass, potentially allowing attackers to compromise systems. Users are advised to consult the publisher's security bulletins for patch information.
CERT-FR: Multiple MongoDB Vulnerabilities
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in MongoDB. The advisory details affected versions and directs users to MongoDB's security bulletins for patch information. The specific risk is not detailed by the publisher.
CERT-FR: Multiple Vulnerabilities in Suricata
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Suricata versions 7.0.x and 8.0.x. Users are advised to consult the Suricata security bulletin for patch information.
Multiple vulnerabilities found in Atlassian products
The CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Atlassian products, including Confluence and Jira. These vulnerabilities could lead to remote code execution, denial of service, and data breaches.
VMware Products Multiple Vulnerabilities Advisory
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various VMware products. The advisory lists affected versions and directs users to VMware's security bulletins for remediation. The specific risk is not detailed by the publisher.
IBM App Connect Enterprise Multiple Vulnerabilities
CERT-Bund has issued a security advisory for IBM App Connect Enterprise, detailing multiple critical vulnerabilities with a CVSS score of 9.3. These vulnerabilities could allow remote attackers to cause denial-of-service or enable cross-site scripting attacks.
Linux Kernel Vulnerabilities
CERT-Bund has issued a security advisory for multiple vulnerabilities in the Linux Kernel, rated with a critical CVSS base score of 9.8. These vulnerabilities could lead to denial-of-service conditions or memory corruption. Mitigation measures are available.
nghttp2 Vulnerability Allows Denial of Service
CERT-Bund has issued a security advisory regarding a vulnerability in nghttp2 versions prior to 1.68.1. The vulnerability allows remote attackers to perform a Denial of Service attack. The advisory provides mitigation information and affected systems.
Wazuh Vulnerabilities Allow Critical Remote Attacks
CERT-Bund has issued a security advisory for Wazuh, detailing multiple vulnerabilities that allow critical remote attacks with a CVSS score of 9.1. The advisory affects Wazuh versions prior to 4.14.3 and impacts UNIX and other operating systems.
Red Hat Enterprise Linux and OpenShift Vulnerabilities Disclosed
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Red Hat Enterprise Linux (RHEL) and Red Hat OpenShift. The vulnerabilities have a CVSS Base Score of 7.3 and could allow for arbitrary code execution, denial of service, file manipulation, and information disclosure.
Atlassian Jira Multiple Vulnerabilities
CERT-Bund has issued a security advisory for Atlassian Jira, detailing multiple vulnerabilities with a CVSS base score of 7.2. The advisory affects Data Center and Server versions prior to specific releases. Users are advised to implement mitigations.
CERT-Bund: MongoDB Vulnerabilities Disclosed, Remote Attack Possible
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in MongoDB, versions prior to 8.3.0-rc0, 8.0.20, 7.0.31, and 8.2.6. These vulnerabilities allow for remote attacks, including information disclosure and arbitrary code execution. The advisory highlights a high CVSS Base Score of 8.8.
Budibase Vulnerability Allows Bypass and Information Disclosure
CERT-Bund has issued a security advisory (WID-SEC-2026-0776) regarding a vulnerability in Budibase, an open-source low-code platform. The vulnerability allows remote, authenticated attackers to bypass security mechanisms and disclose information. Affected versions include Budibase <=3.30.6.
Red Hat JBoss Platform Denial of Service Vulnerability
CERT-Bund has issued a security advisory for Red Hat JBoss Enterprise Application Platform, detailing a vulnerability that allows remote attackers to cause a Denial of Service. The advisory provides information on affected versions and mitigation strategies.
Apple iOS, iPadOS, macOS Vulnerability Allows Security Bypass
CERT-Bund has issued a security advisory for a vulnerability in Apple iOS, iPadOS, and macOS that allows security bypass. The advisory details affected versions and provides mitigation information. The vulnerability has a high CVSS base score.
Canonical Snap Vulnerability Allows Administrator Rights Escalation
CERT-Bund has issued a security advisory (WID-SEC-2026-0758) regarding a vulnerability in Canonical Snap that allows for administrator rights escalation on Linux systems. The advisory details affected versions of Ubuntu Linux snapd and provides mitigation information.
IBM Planning Analytics Vulnerabilities Allow DoS, Info Disclosure
CERT-Bund has issued a security advisory for IBM Planning Analytics, detailing multiple vulnerabilities. These flaws, with a CVSS base score of 7.5, can be exploited for denial of service, information disclosure, and bypass of security measures. The advisory applies to versions prior to 2.1.18.
Xen, Citrix XenServer Vulnerabilities - Local Privilege Escalation
CERT-Bund has issued a security advisory (WID-SEC-2026-0760) regarding multiple vulnerabilities in Xen and Citrix XenServer. These vulnerabilities, with a CVSS Base Score of 7.8, could allow local attackers to escalate privileges, cause a denial-of-service, or disclose confidential information.
Keycloak Vulnerability Allows Information Disclosure
CERT-Bund has issued a security advisory regarding a vulnerability in Keycloak that allows for information disclosure. The vulnerability affects Keycloak versions running on Linux and UNIX operating systems. Users are advised to consult the advisory for mitigation details.
Atlassian Confluence Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory for Atlassian Confluence, detailing a vulnerability that allows remote code execution. Affected versions include Confluence Data Center and Server prior to specific releases. Mitigation is available.
Dell Remote Access Controller Vulnerabilities
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Dell Remote Access Controller (iDRAC) versions. The vulnerabilities could allow attackers to execute arbitrary code or disclose sensitive information. Mitigation is available.
Phoenix Contact FL SWITCH Multiple Vulnerabilities
CERT-Bund has issued a security advisory for Phoenix Contact FL SWITCH industrial network switches due to multiple vulnerabilities. The vulnerabilities could allow remote attackers to execute arbitrary code, cause denial-of-service, or manipulate data.
Grafana Tempo Vulnerability Allows Information Disclosure
CERT-Bund has issued a security advisory for Grafana Tempo, detailing a vulnerability (CVSS 7.5) that allows remote attackers to disclose information. Affected versions are prior to 2.10.3, impacting Linux and UNIX systems.
ConnectWise ScreenConnect Privilege Escalation Vulnerability
CERT-Bund has issued a security advisory (WID-SEC-2026-0763) regarding a critical vulnerability in ConnectWise ScreenConnect versions prior to 26.1. The flaw allows remote attackers to bypass security measures and potentially escalate privileges on affected systems running Linux, UNIX, or Windows.
EU Officials Discuss Digital Rulebook Simplification and Regulatory Interplay
EU officials discussed ongoing efforts to simplify the bloc's digital rulebook and the critical role of regulatory interplay. The European Data Protection Board workshop highlighted how regulations like the GDPR, DMA, and DSA must work together seamlessly for consistent enforcement and clarity.
Calderdale Council Information Notice
The ICO has issued an information notice to Calderdale Council regarding a data protection matter. This notice is part of the ICO's enforcement activities in the local government sector.
City of London Police Reprimanded for Data Protection Failures
The UK's Information Commissioner's Office (ICO) has issued a reprimand to the Commissioner of Police for the City of London for failing to respond to Subject Access Requests (SARs) within statutory timeframes. This action highlights data protection obligations for law enforcement agencies.
ICO Enforcement Action Against North Tees NHS Trust
The UK's Information Commissioner's Office (ICO) has issued an enforcement notice against North Tees and Hartlepool NHS Foundation Trust. This action follows an investigation into a data breach, with the ICO mandating specific corrective actions.
Data Theft Conviction: Munro and Chipoma Sentenced
The ICO has announced the sentencing of Christopher Munro and William Chipoma for data theft and sale, involving over 400 UK garages. Both individuals received suspended prison sentences and community service after pleading guilty to offenses under the Computer Misuse Act and Data Protection Act 1998.
Cumbria Constabulary Information Notice
The Information Commissioner's Office (ICO) has issued an information notice to the Chief Constable of Cumbria Constabulary. This notice requires the Constabulary to provide specific information related to an ongoing investigation.