We're diving into these data breaches and more with our latest EFFector newsletter. Since 1990, EFFector has been your guide to understanding the intersection of technology, civil liberties, and the law. This latest issue tracks U.S. Immigration and Customs Enforcement's (ICE) surveillance spending spree, explains how hackers are countering ICE's surveillance, and invites you to our free livestream covering online age verification mandates.
As well as millions of customer names and contact details, the databases show how much money people had spent at the stores. The hacker the BBC spoke to says he purchased the spreadsheets for $300,000 (£224,000) in order to target the biggest spenders. He claims to have used the information along with details from another stolen database to scam multiple Coinbase users out of at least $1.5m (£1.1m) in crypto.
In 2025, the frequency of healthcare data breaches more than doubled. However, the number of patient records exposed has significantly decreased, indicating a shift in the data breach landscape, according to a new report from Fortified Health Security.
Have I Been Pwned (HIBP) is a data breach "search engine" that allows anyone to submit their email address to see if any links to a data breach are publicly known. HIBP is a free service that can give you an overview of whether or not it is likely your online accounts have been "pwned," or compromised, in a data breach.
The Ministry of Defence (MoD) has admitted there have been more than 12 times as many data breaches linked to its Afghan Relocations and Assistance Policy (Arap) programme than previously thought. Until now, a total of four breaches were known to have hit Arap, a scheme established back in April 2021 to bring Afghan citizens at risk of Taliban persecution to safety in the UK. However, according to Freedom of Information (FoI) figures released to the BBC, the true number is actually 49.
Over 569 data incidents occurred in the Ministry of Defence in 2023-24, revealing significant concerns about their ability to protect sensitive information securely. This is an increase from 550 incidents the previous year and includes losses of electronic devices and mishandling of protected documents.
