Here’s your weekly #databreach news roundup:
Hims & Hers, Duc App, Mercor, and Cisco
Hims & Hers
Hims & Hers, a telehealth company that sells things like weight-loss and sexual health treatments, reported a data breach where hackers accessed its third-party customer support system between February 4 and 7. They stole customer support tickets containing personal details like names, email addresses, and other unspecified information. While the company says medical records were not affected, support messages may still include sensitive personal or health-related details. The attack happened through social engineering, where employees were tricked into giving access. It’s unclear how many people were affected or if hackers have demanded money. This
Duc App
A money-transfer app called Duc App, owned by Canadian company Duales, exposed a huge amount of users’ personal data because one of its Amazon cloud storage servers was left open to the public without a password or encryption. This meant anyone who guessed the web link could view and download sensitive files like passports, driver’s licenses, selfies, and even spreadsheets with names, addresses, and transaction details. A security researcher found the issue, and it was fixed only after being reported, but it’s unclear how many people accessed the data or were affected. The company said the data was on a testing server but didn’t explain why real customer information was there.
Mercor
Mercor, an AI recruitment company, was affected by a major cyberattack caused by a compromised open-source tool called LiteLLM, in what’s known as a supply chain attack—where hackers insert malicious code into widely used software to hit many organisations at once. In late March 2026, attackers briefly uploaded infected versions of LiteLLM that were downloaded by companies during a short 40-minute window, potentially exposing their systems. The attack is linked to a group called TeamPCP, and another hacking group, Lapsus$, later claimed it stole about 4TB of Mercor’s data, including candidate profiles, personal information, and internal assets like source code and API keys, though this hasn’t been fully confirmed.
Read more at: https://hackread.com/ai-firm-mercor-breach-hackers-4tb-data/
Cisco
ShinyHunters (UNC6040) has issued a “final warning” to Cisco ahead of April 3, 2026, threatening to leak more than 3 million stolen Salesforce records plus PII, AWS, and internal data. The claims are tied to vishing and cloud access. #databreach