Here’s your weekly #databreach news roundup:
University of Pennsylvania, Nikkei, Hyundai AutoEver, and U.S. Congressional Budget Office.
University of Pennsylvania
University of Pennsylvania was breached by a hacker, exposing data on 1.2M donors, alumni, and students.
The attack compromised multiple systems, and the hacker threatens to release the full donor database soon. #databreach https://t.co/Bv2PHHSvlj
— DevaOnBreaches (@DevaOnBreaches) November 4, 2025
The University of Pennsylvania has suffered a major data breach after a hacker claimed to have stolen information on 1.2 million donors, students, and alumni. The attacker said they gained access through an employee’s PennKey account, which allowed entry into multiple systems, including Salesforce, SAP, and SharePoint. The stolen data reportedly includes names, birth dates, addresses, phone numbers, donation histories, and sensitive details like religion and sexual orientation. After their access was blocked, the hacker used Penn’s email system to send offensive messages to about 700,000 recipients. They stated that the motive was not political but to obtain the university’s wealthy donor database, which they might release later. The University of Pennsylvania confirmed it is investigating the breach and has involved the FBI. Donors are urged to watch out for phishing or fake donation requests linked to the stolen information.
Nikkei
Nikkei Inc. hit by major #databreach. Hackers stole an employee’s Slack credentials via malware, exposing data of 17,000+ staff & partners. https://t.co/U5GuWWOqJ3
— DevaOnBreaches (@DevaOnBreaches) November 6, 2025
Nikkei Inc., the Japanese financial media giant and owner of the Financial Times, has confirmed a data breach that exposed personal data and more than 17,000 Slack messages. The incident began when an employee’s personal computer was infected with malware, allowing hackers to steal login credentials and gain access to Nikkei’s internal Slack workspace. The breach exposed the names, email addresses, and chat histories of 17,368 employees and business partners. Nikkei stated that no information related to journalistic sources or reporting activities was compromised. The company quickly reset passwords, implemented containment measures, and voluntarily notified Japan’s Personal Information Protection Commission to maintain transparency. Nikkei said it takes the matter seriously and plans to strengthen its data security practices to prevent future incidents. The company previously lost $29 million in 2019 due to an email scam. Experts explained that the attackers used valid credentials to move unnoticed within the network, showing how credential theft is becoming one of the most effective cyberattack methods today.
Hyundai AutoEver
Hyundai AutoEver America reports a #databreach, where hackers accessed personal info, including SSNs & driver’s licenses. https://t.co/N1Sn1jM5dt
— DevaOnBreaches (@DevaOnBreaches) November 7, 2025
Hyundai AutoEver America (HAEA) has reported a data breach after discovering that hackers gained unauthorized access to its IT systems and personal information. The company detected the intrusion on March 1, 2025, but later found that attackers had been active since February 22. HAEA, an affiliate of Hyundai Motor Group, provides IT and digital services for Hyundai and Kia, supporting vehicle connectivity, over-the-air updates, and manufacturing systems. The investigation, assisted by cybersecurity experts and law enforcement, confirmed that the incident was contained by March 2. While the company’s notification mentioned only names, a filing with the Massachusetts government also listed Social Security numbers and driver’s license details among the exposed data. It remains unclear how many people were affected or whether customers, employees, or both were impacted. No ransomware group has claimed responsibility. This incident follows several cybersecurity issues faced by Hyundai in recent years, including ransomware attacks and data leaks affecting its operations in Europe and customer data in other regions.
U.S. Congressional Budget Office
The U.S. Congressional Budget Office confirms it was hacked.
CBO says it has contained the #databreach & added new security controls. Reports suggest foreign hackers may have accessed internal emails with lawmakers. https://t.co/nZhWVoCuNt
— DevaOnBreaches (@DevaOnBreaches) November 9, 2025
The U.S. Congressional Budget Office (CBO) has confirmed that it was hacked and is investigating the security breach. A spokesperson said the agency has contained the incident, implemented new monitoring, and strengthened its defenses. The CBO, a nonpartisan agency that provides economic and budget analysis to Congress, is concerned that hackers may have accessed internal emails, chat logs, and communications between lawmakers and CBO researchers. Reports from The Washington Post and Reuters suggest that foreign hackers were responsible and that the Senate Sergeant at Arms warned congressional offices about possible phishing attempts using stolen CBO communications. Security researcher Kevin Beaumont suggested the hackers may have exploited an outdated Cisco firewall that had not been patched since 2024 and was vulnerable to known security flaws used by suspected Chinese state-backed hackers. The CBO has not confirmed this theory, and Cisco has not commented. The compromised firewall has since been taken offline as the investigation continues.