HackerOne Data Breach Impacts Hundreds of Employees

HackerOne Data Breach Impacts Hundreds of Employees

HackerOne is notifying hundreds of employees that their personal data was compromised. The data beach is a result of a cyberattack on Navia Benefit Solutions, its third-party benefits administrator. Attackers gained unauthorized access to Navia’s systems between December 2025 and January 2026, impacting approximately 2.7 million individuals. Stolen information includes names, addresses, and Social Security numbers. While HackerOne’s internal systems remain secure, the company is assisting affected staff and monitoring for potential secondary exploitation of the leaked data.

Source: Bleeping Computer

QualDerm Data Breach Impacts 3.1 Millions

Healthcare management provider QualDerm Partners is notifying over 3.1 million individuals of a data breach discovered in December 2025. Unauthorized actors accessed the company’s network for two days, exfiltrating sensitive records including names, medical record numbers, diagnoses, treatment details, and health insurance information. As a result, impacted patients across 158 practices are being offered 12 months of free identity theft and credit monitoring. QualDerm has coordinated with law enforcement and regulatory agencies to contain and investigate the intrusion.

Source: Security Week

Crunchroll Breached 6.8 Million Users’ Data

Canadian retail giant Loblaw notified customers of a data breach after detecting unauthorized access to a “non-critical” segment of its IT network. The breach, identified in March 2026, exposed basic personal details including names, email addresses, and phone numbers. While Loblaw confirmed that passwords and financial information remained secure, the company took the precautionary measure of force-resetting customer sessions. This incident emphasizes the persistent security challenges facing large retailers as they expand their digital footprints.

Source: TechCrunch

US, Germany, and Canada Take Down Large DDoS Botnets

Authorities from the U.S., Canada, and Germany dismantled the command-and-control infrastructure of four major botnets: Aisuru, KimWolf, JackSkid, and Mossad. These botnets hijacked millions of IoT devices, including Android TV boxes and routers, to launch massive DDoS attacks, with one peaking at 31.4 Tbps. While law enforcement seized virtual servers and domains, experts warn that the underlying vulnerabilities in these devices remain unpatched. This can allow threat actors to rebuild their networks using AI-driven automation.

Source: SC Media

AI Bot Traffic to Surpass Human Activity by 2027

According to Cloudflare CEO Matthew Prince, by 2027, AI bot traffic could surpass human activity online entirely, reshaping how we interact with the web, how businesses operate, and how information flows. Specifically, before AI became as approachable as it is now, with so many services on the market and high user demand, bots accounted for about 20% of web traffic. Prince claimed that the bot takeover is accelerating. He called the need for data “insatiable” and predicted that “in 2027, the amount of bot traffic online will exceed the amount of human traffic that’s online. And it will continue to grow.”

Source: TechCrunch

Click here to subscribe our Newsletter