Data Breach Roundup (Jan 30 – Feb 5, 2026)

Data Breach Roundup (Jan 30 – Feb 5, 2026)

NationStates confirms data breach, shuts down game site

NationStates is a mulitplayer in-browser government simulation game. In late January the developers received a report from a player who claimed to have found a vulnerability, but also accessed user data in the process. The player has a history of reporting vulnerabilities like these and promises that any user data downloaded was deleted, but out of caution the devs are treating this like a breach. The exposed data included email address (including past email addresses), IP address, browser UserAgent strings, passwords stored in MD5, and DMs.

NationStates confirms data breach, shuts down game site
NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident.
BleepingComputerAx Sharma

Panera Bread breach impacts 5.1 million accounts, not 14 million customers

Late last month, it was reported that American fast-food chain Panera Bread had suffered a data breach of 14 million customers. It's now been clarified that it was 14 million records, or just over 5 million customers. The data includes email address, name, phone number, and physical address and likely impacts employees as well as customers. Panera Bread has yet to make a formal statement or notify customers.