VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach.
According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, 2026. The access happened in VRChat’s cloud environment and involved user profile and login-related data.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- French prosecutors link 15-year-old to mega-breach at state’s secure document agency
April 30, 2026
French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from France Titres (ANTS), the agency handling secure documents. The Paris Prosecutor’s Office announced on Thursday that the minor, suspected of using the online alias “breach3d” and not named because French law protects minors, faces two computer crime ...
- Hackers stole hundreds of thousands of Roblox accounts
April 30, 2026
More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date. Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 ...
- Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
April 29, 2026
Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations. Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone ...
- Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack
April 28, 2026
Medtronic, one of the biggest medical device manufacturers in the world, has confirmed suffering a cyberattack in which crooks “accessed data in certain Medtronic corporate IT systems.” In a security notification published on its website, Medtronic said the attack does not affect its customers or products, and also stressed it will continue operating as usual, without ...
- ADT confirms cyber intrusion after ShinyHunters extortion attempt
April 27, 2026
A home security biz getting digitally burgled is not a great look – but that’s exactly where ADT finds itself. The company has confirmed a cyber intrusion following an extortion attempt by the ShinyHunters crew, which claims to have made off with more than 10 million records. US-based ADT is one of the world’s largest providers ...
- Stolen medical data from 500,000 UK volunteers advertised for sale on a Chinese website
April 23, 2026
Health information belonging to 500,000 people in the United Kingdom has been stolen and offered for sale on the Chinese website Alibaba, the UK’s technology minister Ian Murray has confirmed. The medical data comes from participants of UK Biobank, the world’s most comprehensive dataset of biological, health, and lifestyle information, compiled from volunteers and used by ...