Data Breach Roundup (June 5 - 11, 2026)
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
The lawsuit in question was filed in 2020 but only unsealed this week. It comes from the former IBM vice president of threat intelligence, who alleges that Chinese hackers breached IBM and at least two subsidiaries "routinely" between 2013 and 2016, but that the company simply covered up the breaches and never disclosed them. Including this story because past law enforcement raids on ransomware gangs have proven that companies often get breached and never publicly disclose it.

Oxford University discloses data breach after careers platform hack
CareerConnect - which is used by Oxford, King's College, and University of Manchester among others - was breached on May 28. Attackers were able to access users' first names, last names, email addresses, and encrypted passwords (for users who do not sign in using Single Sign-On). The article did not comment on whether any other schools that use the platform were compromised or how many accounts were accessed.

SoFi confirms third-party data breach at Hong Kong subsidiary
SoFi is a U.S.-based financial technology company that offers banking, investing, loans, and other personal finance services. We have very little information at this time other than that the breach occurred in April 2026. The company is advising the usual measures for now: update passwords, enable 2FA, monitor accounts, beware phishing attempts, etc.

French govt messaging service breached in account hijacking attack
Tchap is a messenger based on Matrix whose use is mandated for all French civil servants as of August 2025. This week a user account was compromised via social engineering, allowing the attacker to scrape the data of all channels that user was in. The attacker claims they scraped 13.5GB of data from the French tax authority and other civil servants, including 560,000 messages and information on over 73,000 accounts, including email addresses, organization information, meeting links, and account and device metadata.

ServiceNow discloses security incident exposing customer data
This breach was the result of an API that could be accessed without authentication. ServiceNow patched the vulnerability to require users to authenticate, but hasn't said much else, including what data was impacted or how many customers. The article notes, however, that "instances commonly store sensitive enterprise information, including IT support tickets, employee records, internal documentation, asset inventories, security incident reports, workflow data, and configuration details for corporate systems and services."

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks
This is less of a specific breach and more of a collection. Oracle says that a rash of breaches impacting both cloud and on-premises PeopleSoft instances has been detected. ShinyHunters has claimed the activity, saying they have stolen data from 300 instances and more than 100 organizations. The article states that this is a combination of old, unpatched vulnerabilities and new zero-days, and that configuration may play an additional role in whether or not a server is vulnerable.

Nottingham University data breach affects over 450,000 students
This breach is allegedly a result of the Oracle PeopleSoft breaches mentioned above. The attackers claim to have over 40GB of documents containing student finance data, billing and payment information, credit card and payment details, and campus portal exports from the University of Nottingham and its Malaysia and China campuses. Documents also contained students' full names, home addresses, IP addresses, phone numbers, and dates of birth. Have I Been Pwned said their analysis additionally showed that ethnicities, disabilities, passport numbers and information relating to academic enrolments and fee payments were exposed.

Flock Leaked Cops’ License Plate Searches via DuckDuckGo, Bing
Some of Flock's searches have been indexed by search engines like Bing (and thus DuckDuckGo), revealing data such as license plates, reasons for the search, and in some cases the date range of the search. Flock says they are investigating.

Japanese energy firm loses drive with data of 10.9 million clients
Kyushu Electric Power Co has disclosed that a drive containing backups of customer data has gone missing. It appears to have been stolen, but it's unclear if it was simply misplaced. Data includes customer names, service location addresses, electricity usage data, telephone numbers, names of retail electricity providers, and "other related information."

Coupang hit with record $409 million data breach fine in Korea
An update to a breach from last year that occurred in June but was publicly disclosed in November. The e-commerce giant leaked the data of over 33 million customers, making it one of the worst in South Korea's history. The Personal Information Protection Commission has fined Coupang for "unlawfully collecting, using, and handling customers' personal and sensitive data" as well as inadequate security practices, including failures in authentication key management and access controls.









