PrivacySignal
Breach

Lidl discloses online shop breach after service provider hack

BleepingComputer · · International · Data Breaches

Lidl has notified customers in Germany, Belgium, and the Netherlands that their personal data was stolen through a breach at a third-party service provider. The discount supermarket chain disclosed the incident after attackers compromised the external vendor rather than Lidl's own systems.

Why this matters: This is a supply chain breach, which means Lidl's own security posture is almost beside the point. Your data was exposed because of a vendor you never heard of and never agreed to trust. That is how most big breaches work now. Companies collect customer data, hand it to service providers, and those providers become the weak link. Lidl is the name on the notification letter, but the accountability trail goes somewhere else. Customers deserve to know which provider was breached, what data was taken, and what access that vendor actually had.

Who should care: Cybersecurity · Privacy officers · Administrators · General readers · Policy

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
BleepingComputer · · International

Breach at the Beach: Play the Ultimate Entra ID CTF

Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techniques using realistic scenarios. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

Breach
HIPAA Journal · · US Federal

Marlboro-Chesterfield Pathology Agrees to Settle Lawsuit Over 2025 Ransomware Attack

Marlboro-Chesterfield Pathology, a molecular, cytology, and pathology lab based in Pinehurst, North Carolina, has agreed to settle a class action lawsuit stemming from a ransomware attack that occurred in 2025. The settlement resolves claims brought by patients whose data was potentially exposed in the breach.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals

#breach#enforcement#healthcare#security Read original →
Breach
HIPAA Journal · · US Federal

California Gay & Lesbian Services Center Data Breach Affects 75,500 Individuals

The Gay & Lesbian Community Services Center of Orange County, California, has disclosed a data breach affecting approximately 75,500 individuals. The organization provides mental health services, HIV testing, education, and outreach to its community.

Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance

#breach#healthcare Read original →
Breach
DataBreaches.net · · International

Armenian National Extradited to the United States Pleads Guilty to Ransomware Extortion Conspiracy

PORTLAND, Ore.— An Armenian national extradited from Ukraine to the United States pleaded guilty yesterday for his role in Ryuk ransomware attacks and an extortion conspiracy targeting companies throughout the United States, including a technology company operating in Oregon. Karen Serobovich Vardanyan, 34, pleaded guilty to conspiracy and computer fraud. According to court documents, between... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

Ransomware negotiator who conspired with BlackCat threat actors sentenced to 70 months in prison

Jon Brodkin reports that a third co-conspirator who helped BlackCat attackers by giving them inside information on victims’ defense strategies has now been sentenced. A former ransomware negotiator was sentenced to 70 months in prison yesterday after colluding with BlackCat scammers to extort the victims he was hired to protect. As a ransomware negotiator for the company DigitalMint,... Source

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

TikTok class action alleges data breach affected 2.4B users

A California man filed a federal class action lawsuit against TikTok on June 11, 2026, alleging a data breach exposed personal information belonging to more than 2.4 billion users globally. The complaint claims TikTok stored user data without encryption and failed to implement basic security measures.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · Policy

#breach#enforcement#privacy Read original →