Data Breach Roundup (June 12 - 18, 2026)

Pharma giant Novo Nordisk discloses breach of clinical trials data

Novo Nordisk is a Danish pharmaceutical company, best known as the maker of the recent GLP-1 receptor agonist drugs Wegovy and Ozempic. At this time we don't know when the breach occurred or how many people were impacted, but we do know it impacted data related to patients in certain clinical trials including patient IDs (random alphanumeric strings) and information on trial participation, sex, year of birth, biomarkers, health/immunogenicity data, and lifestyle factors (e.g., smoking, alcohol use, BMI). It also affected healthcare professionals (HCPs), whose names, registration numbers, e-mail addresses, phone numbers, WhatsApp details, and office locations have been exposed. The group is asking for a $25 million ransom.

iRhythm discloses data breach, says hackers stole patient info

iRhythm is a digital healthcare company that supports a popular cardiac monitoring service. The company hasn't revealed much, including number of patients impacted or exactly what data was stolen. They said the attacker demanded a ransom after data was stolen from a "third-party-hosted business application," and that the data in question included "proprietary data, patient protected health information and other personal information." The breach occurred earlier this month.

Hackers Publish Knicks and Madison Square Garden Data Online

The ShinyHunters ransomware group has posted nearly 45GB of data on the New York Nicks and the venue Madison Square Garden. A sample reviewed by 404 Media includes files mentioning specific sports teams, and specifically Knicks-related personalities, with fields such as “address,” “claim to fame,” “cost of talent,” and sometimes contact information for them or their representatives.

Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society

Dialog is a private, invitation-only organization cofounded in 2006 by Peter Thiel. It convenes US officials, foreign government figures, and Silicon Valley executives at off-the-record annual retreats. Swiss "hactivist" maia arson crimew said the exposed directory was revealed to them by way of anonymous tip. The list includes 222 names along with information about their attendance and talks. The article goes into a lot of detail.

Kodak confirms data breach claimed by ShinyHunters extortion gang

As is becoming a pattern, there is very little information at this time. This was the result of a ShinyHunters breach, which claims to have "over 2.2 million records containing customer personally identifiable information (PII) and internal corporate data."

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.

This incident is making headlines in the tech space. This breach includes usernames, email addresses, and plaintext passwords that appear to be valid credentials for companies including Chevron, Samsung, Foxconn, Comcast, AT&T, Mercedes-Benz, Toyota, Sinopec, State Grid, and many others. This appears to be a crime group getting ready for a larger operation, and includes credentials gathered from a wide range of techniques and sources.

Infinite Campus data breach affects 137,000 school staff accounts

Infinite Campus is an EdTech company that provides student information systems to thousands of schools in 46 US states. This breach took place in March and this update includes the name of the attackers, and more information about the scope. Impacted data includes names, email addresses, employers, job titles, phone numbers, physical addresses, usernames, and support tickets.

Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks

Klue is a "marketing intelligence platform." The wording of this article seems to suggest that a Klue compromise impacted several of Klue's users and put their data at risk, primarily OAuth tokens. This threat actor appears to be new on the scene, having first been spotted in April 2026.

Council of Europe investigates ShinyHunters data breach claims

Over the weekend ShinyHunters claimed to have stolen more than 429,000 documents containing HR and payroll data from multiple Council of Europe departments. The allegedly stolen documents include more than 409,000 payslips for 10,000+ staff (ranging from 2011 to 2026), over 3,700 in-house personnel files, more than 14,000 CVs, and other files. They are said to contain a wide range of personal and financial information, including affected individuals' names, dates of birth, home addresses, phone numbers, employee IDs, salaries, bank account details, tax and Social Security information, medical records, and more.

Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports

This breach came through the state's Parks & Wildlife department who issues hunting and fishing licenses. Thus attackers were able to access the driver's license information and passport numbers of more than 3 million people.

Nintendo confirms data stolen in WebMD subsidiary cyberattack

TinyPulse is an employee engagement and feedback platform used for anonymous employee surveys, engagement analytics, feedback collection, and workplace culture assessments. A threat actor called Shaowby3$ claims they have stolen nearly 1GB of data containing full names, email addresses, analytics and survey data, bank statements, and W-9 forms with employee IDs, progress plans, and reports between 2016 and 2026.