Data Breach Roundup (Apr 17 - 23, 2026)
Vercel confirms breach as hackers claim to be selling stolen data
Vercel is a cloud platform that provides hosting and deployment infrastructure for developers, with a strong focus on JavaScript frameworks. It's unclear exactly how many people were compromised but the attacker claims to 580 records of employee information such as names and company email address, in addition to access keys, source code, and API keys. Vercel later disclosed that additional breaches predate this initial attack, suggesting the breach may widen in scope as investigation continues.
Lawrence Abrams
Seiko USA website defaced as hacker claims customer data theft
The "Press Lounge" section of watchmaker Seiko's website was updated (seemingly by attackers) to claim that the company's Shopify database was stolen. This includes customer names, email addresses, phone numbers, shipping addresses, order history, notes, and more.
Lawrence Abrams
French govt agency confirms breach as hacker offers to sell data
France Titres (also known as Agence nationale des titres sécurisés or ANTS) is an administration under the Ministry of the Interior that manages all identity and registration documents including driver's licenses, national ID cards, passports, and immigration documents. The attack occurred last week and investigation is still ongoing. It's unknown how many individuals were impacted, but attackers claim 19 million records. Stolen could include login ID, full name, email address, date of birth, unique account number, and in some cases postal address, place of birth, and/or phone number.
Bill Toulas
Cosmetics giant Rituals confirms data breach of customer membership records
The Netherlands-based company said that an "unauthorized download" in April contained customers' full name, date of birth, gender, postal and email address, hone number, preferred Rituals store, and account type. There are no other details at this time.
Zack Whittaker
Community Discussion