Data Breach Roundup (May 8 - 14, 2026)

Zara data breach exposed personal information of 197,000 people

Zara is a Spanish fast-fashion retailer that operates over 1,500 stores worldwide. The company has yet to confirm any major details, but says that names, phone numbers, addresses, credentials, and payment data are safe. Have I Been Pwned analyzed the data exposed so far and said it contains email addresses, geographic locations, purchases, and support tickets.

Zara data breach exposed personal information of 197,000 people

Hackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned.

BleepingComputerSergiu Gatlan

NVIDIA confirms GeForce NOW data breach affecting Armenian users

GeForce NOW is a cloud gaming services, allowing users to run games on more powerful hardware in a data center rather than local computers. Exposed data includes full name (if using a Google account), email address, phone number (if registered through a mobile operator), date of birth, and username. Users registered after March 9 are not impacted.

NVIDIA confirms GeForce NOW data breach affecting Armenian users

NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach.

BleepingComputerBill Toulas

US bank reports itself after slinging customer data at 'unauthorized AI app'

Community Bank - which serves Pennsylvania, Ohio, and West Virginia - filed a data breach notification with regulators, saying that sensitive data was accidentally leaked to an unauthorized AI. We know that names, dates of birth, and Social Security numbers were impacted but we don't know how many customers were affected, which AI was used, or even the exact details of the incident.

US bank reports itself after slinging customer data at ‘unauthorized AI app’

Volume and sensitivity of the data cited as chief concerns

theregisterConnor Jones

Škoda warns of customer data breach after online shop hack

The Czech carmaker has reported a breach of their online store that allowed attackers to access data. Data includes names, addresses, contact information, phone numbers, order information, and login credentials (passwords were hashed). It does include financial information and the company has not disclosed how many were impacted.

Škoda warns of customer data breach after online shop hack

Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers.

BleepingComputerSergiu Gatlan

UK fines water supplier $1.3M for exposing data of 664k customers

This is an update to a story from 2022. South Staffordshire Water Plc was attacked by the Cl0p ransomware gang at the time and leaked customer data going back to 2020. The fine was for "significant failures in the company's approach to data security and left customers and employees vulnerable for nearly two years.”

UK fines water supplier $1.3M for exposing data of 664k customers

The Information Commissioner’s Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees.

BleepingComputerBill Toulas