#WeeklyRoundup

Weekly Databreaches Roundup Week 03-2026

January 20, 2026

Here’s your weekly #databreach news roundup:

Instagram, Nissan, University of Hawaii Cancer Center, Betterment, Eurail, Central Maine Healthcare, and Grubhub.

Instagram

The Instagram API #databreach was reported in January 2026 after a dataset allegedly scraped via an Instagram API was posted to a popular hacking forum. The dataset contained 17M rows of public Instagram information, including usernames, display names, and account IDs. Approximately 6.2M records also included associated email addresses, with a smaller subset containing phone numbers and geolocation data.

Nissan

The Everest ransomware group says it has hacked Nissan, a large Japanese car company, and stolen a huge amount of data. The group shared screenshots on the dark web that appear to show Nissan’s internal files, including reports, dealership records, and financial documents in common file formats like Excel and CSV. Although no personal information is clearly shown, the files suggest access to important company systems. The hackers gave Nissan five days to respond or they will leak the data online. Nissan has faced several cyberattacks in the past, including employee and customer data theft and leaked source code.

University of Hawaii Cancer Center

The University of Hawaii said a ransomware group broke into its Cancer Center in August 2025 and stole research data, including very old documents from the 1990s that contained Social Security numbers of study participants. The attack affected only one research project and did not impact patient care, but it caused serious system damage that slowed recovery and investigation efforts. The university disconnected the affected systems, hired cybersecurity experts, and decided to work with the attackers to get a decryption tool and make sure the stolen data was destroyed. Most files were research-related, but later reviews found older files with personal information. UH plans to notify affected people once contact details are confirmed and has improved its security to prevent future attacks.

Betterment

Betterment, an online investment platform, said hackers broke into some of its systems last week using a social engineering attack through third-party tools it uses. The attackers accessed personal details such as customer names, email and home addresses, phone numbers, and dates of birth, but no passwords or account logins were stolen. Using this access, the hackers sent fake messages to users, trying to trick them into sending money by promising to triple their crypto. Betterment said it detected the attack the same day, stopped the access, started an investigation with cybersecurity experts, and warned affected customers to ignore the message. The company has not said how many customers were impacted.

Eurail

Eurail said that an unauthorized person accessed part of its customer database, allowing someone outside the company to view and possibly copy personal data. The information involved may include names, contact details, dates of birth, passport details, and, in some cases, data about travel companions. Eurail says there is no proof so far that the data has been misused or shared publicly, but the investigation is still ongoing. The company has secured its systems, hired cybersecurity experts, and informed authorities as required by law.

Central Maine Healthcare

Central Maine Healthcare said a data breach last year exposed the personal and medical information of more than 145,000 people, including patients and current or former employees. Hackers were inside its systems for over two months before the breach was discovered, and the full investigation finished in November 2025. The stolen data may include names, dates of birth, treatment details, insurance information, and Social Security numbers, depending on the person. CMH warned that affected individuals could face higher risks of scams or fraud and advised patients to carefully check medical and insurance statements for suspicious activity. The healthcare system has set up a support line and is offering free credit monitoring to help protect those impacted.

Grubhub

Grubhub has confirmed that hackers recently broke into some of its systems and downloaded data, and reports say the company is now being pressured by hackers to pay money to stop the data from being leaked. Grubhub said it quickly stopped the attack and that sensitive details like payment information and order history were not affected, but it did not share many details about what data was taken or when the breach happened. Sources say the ShinyHunters hacking group may be behind the attack and is threatening to release older customer support data taken from tools like Salesforce and Zendesk. Grubhub is working with a cybersecurity firm and has informed law enforcement, but it is still unclear how many people may be affected or if this breach is connected to earlier scam emails sent using Grubhub systems.
