Players of the popular Words with Friends and Draw Something smartphone games are being advised to change their passwords following what sounds like a security breach at game developer Zynga.

Read more in my article on the Hot for Security blog.

Online merchandise retailer CafePress, used by millions of people to host an online store where they can sell custom-designed t-shirts, mugs, stickers, and more, has finally informed its customers that its systems were hacked and their personal details stolen.

Researchers discover that confidential images of X-rays, CT and MRI scans related to millions of patients has been left unprotected on hundreds of servers used by health providers worldwide.

If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured.

Victims even include Wikileaks founder Julian Assange…

A security researcher found a server on the internet containing more than 419 million records related to Facebook users.

No password protection was in place – meaning the treasure trove of phone numbers was available to literally anybody with an internet connection.

Read more in my article on the Tripwire State of Security blog.

Capital One isn’t the only organisation allegedly to have had its data breached by Paige Thompson, the former Amazon systems engineer.

Read more in my article on the Hot for Security blog.

Web hosting firm Hostinger has reset the passwords of all of its customers after it discovered hackers had breached its systems and accessed a database containing millions of records.

A teenage British hacker, who previously played a role in the infamous TalkTalk data breach, has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency.

Read more in my article on the Hot for Security blog.

The European Central Bank (ECB), the central bank of the 19 European countries which have adopted the euro, has shut down a compromised website after it discovered that hackers had planted malware that stole information from newsletter subscribers.

A biometrics system used to secure more than 1.5 million locations around the world – including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE – has suffered a major data breach, exposing a huge number of records and unencrypted fingerprints.

Read more in my article on the Tripwire State of Security blog.

One of the world’s largest cryptocurrency exchanges has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers.

Read more in my article on the Tripwire State of Security blog.

The FBI has arrested a 33-year-old software engineer in Seattle as part of an investigation into a massive data breach at financial services company Capital One.

Read more in my article on the Tripwire State of Security blog.

Equifax has agreed to pay up to $700 million in a FTC settlement following its 2017 data breach.

Slack would have been wiser – in an abundance of caution – to reset all of its users’ passwords back in March 2015.

After all, leaving it until four years later looks a little bit… slack.