Data Breach Roundup (Dec 26, 2025 – Jan 1, 2026)

Data Breach Roundup (Dec 26, 2025 – Jan 1, 2026)

Welcome to Data Breach Roundups, our new weekly series where we highlight notable data breaches we encounter. They're more common than you might think! If you want this weekly digest delivered to your inbox in the future, edit your newsletter settings to subscribe to the new 'Data Breach Roundups' mailing list.

Edit Newsletter Subscriptions

Hacker claims to leak WIRED database with 2.3 million records

An attacker claims to have breached Condé Nast, an American media company. The attacker claims to have 40 million additional records for other properties. The post didn't specify but this could potentially include names like The New Yorker, Ars Technica, Vogue, Vanity Fair, and more. Data includes subscriber's unique internal ID and email address. Other data was optional - like name, phone number, physical address, and birthday. The article says many of these were left empty.

Hacker claims to leak WIRED database with 2.3 million records
A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties.
BleepingComputerLawrence Abrams

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A new massive vulnerability (8.7 out of 10) in MongoDB has been revealed - including a proof-of-concept - putting tens of thousands of servers at risk. Fixes were already released ten days ago but given the holidays (and the general track record of these things) I'm sure we can expect to see a lot of companies showing up in these weekly updates for the next several weeks.

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed
A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the public web.
BleepingComputerIonut Ilascu

Korean Air data breach exposes data of thousands of employees

This was caused by Korean Air's in-flight catering service being hacked. News reports claim about 30,000 records were stolen. The article didn't clarify what data was stolen.

Korean Air data breach exposes data of thousands of employees
Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked.
BleepingComputerSergiu Gatlan

Trust Wallet confirms extension hack led to $7 million crypto theft

A compromised Chrome extension update released on December 24 allowed attackers to steal funds. Trust Wallet has said they will cover the cost to users and are investigating further. Attackers (potentially unrelated) also launched phishing domains around the same time promising a patched version of the extension but would actually steal more funds. This is a reminder to use only trusted, custodial wallets such as Cake Wallet (ideally with Monero).

Trust Wallet confirms extension hack led to $7 million crypto theft
Several users of the Trust Wallet Chrome extension report having their cryptocurrency wallets drained after installing a compromised extension update released on December 24, prompting an urgent response from the company and warnings to affected users. Simultaneously, BleepingComputer observed a phishing domain launched by hackers.
BleepingComputerAx Sharma

Community Discussion