SecureFact – Cyber Security News – Week of March 09, 2026

TriZetto Provider Solutions, a healthcare IT company serving health insurers and healthcare providers, suffered a major data breach exposing sensitive information of over 3.4 million people.
Unauthorized access began on November 19, 2024, and was discovered on October 2, 2025.
The breach exposed insurance eligibility verification transaction records containing full names, physical addresses, dates of birth, Social Security numbers, health insurance member numbers, Medicare beneficiary identifiers, provider names, health insurer names, and demographic/health/insurance information. Payment card and financial information were not exposed.
The company notified affected providers in December 2025 and customers in February 2026. TriZetto has offered 12-month free credit monitoring and identity protection services from Kroll to affected individuals.
Law enforcement authorities were informed of the incident.
No ransomware groups have claimed responsibility, and no data leaks have appeared on underground forums.

HungerRush, a restaurant technology provider serving over 16,000 restaurants including Sbarro, Jet’s Pizza, and Hungry Howie’s, suffered a data breach affecting customer contact information.
Threat actors gained access through a compromised third-party vendor’s credentials to HungerRush’s email marketing service account.
The attackers accessed and exfiltrated customer contact information including names, email addresses, mailing addresses, and phone numbers.
The threat actor claimed access to data for millions of customers including names, emails, passwords, addresses, phone numbers, dates of birth, and credit card information, though HungerRush disputes these claims.
The company confirmed that no sensitive personal information such as passwords, dates of birth, Social Security numbers, or payment card information was exposed.
HungerRush disabled access to the affected email service and notified law enforcement.
The company is investigating the incident with authorities and specialists.

Paint maker giant AkzoNobel confirms cyberattack on U.S. site

AkzoNobel, a multinational Dutch paint and coatings company with 35,000 employees and annual revenue exceeding $12 billion, suffered a ransomware breach at one of its U.S. sites.
The Anubis ransomware gang claimed to have stolen 170GB of data comprising almost 170,000 files.
The stolen data includes confidential agreements with high-profile clients, email addresses and phone numbers, private email correspondence, passport scans, material testing documents, and internal technical specification sheets.
The company stated the incident was limited to the respective site and was already contained with limited impact.
AkzoNobel is working closely with relevant authorities and notifying impacted parties.
The Anubis ransomware-as-a-service operation launched in December 2024 and offers affiliates 80% of paid ransoms.
The company has not disclosed whether it engaged with the threat actor or paid any ransom.

LexisNexis Legal & Professional, a global provider of legal, regulatory, and business information used by lawyers, corporations, governments, and academic institutions in over 150 countries, suffered a data breach via exploitation of the React2Shell vulnerability in an unpatched React frontend application.
On February 24, 2026, threat actor FulcrumSec gained access to AWS infrastructure and exfiltrated 2.04GB of structured data including 536 Redshift tables, 430+ VPC database tables, 53 AWS Secrets Manager secrets in plaintext, 3.9 million database records, 21,042 customer accounts, and 400,000 cloud user profiles with real names, emails, phone numbers, and job functions.
The breach included 118 users with .gov addresses belonging to U.S. government employees, federal judges, law clerks, DOJ attorneys, and SEC staff.
LexisNexis confirmed the breach contained mostly legacy data from prior to 2020 with no Social Security numbers, driver’s license numbers, financial information, or active passwords exposed.
The company has notified law enforcement and contracted external cybersecurity experts for investigation and containment measures.

The University of Hawaii Cancer Center suffered a ransomware attack in August 2025 that compromised data of nearly 1.2 million individuals.
The breach affected the Epidemiology Division’s research systems and exposed personal information from multiple research studies conducted between 1993 and 2006.
Compromised data includes names, Social Security numbers (SSNs), driver’s license numbers, and health information from the Multiethnic Cohort Study and other diet and cancer research studies.
The attackers encrypted systems causing extensive damage and delaying restoration efforts.
The university paid the attackers to obtain a decryption tool and secure destruction of illegally obtained information to protect affected individuals.
The university notified 87,493 MEC Study participants and approximately 900,000 additional individuals whose contact information was found.
The breach did not impact clinical operations, patient care, or UH student records.
The university is working with authorities and committed to transparency and accountability.

Cloud Imperium Games (CIG), the developer behind Star Citizen and Squadron 42, disclosed a data breach discovered on January 21, 2026, in which attackers gained unauthorized access to backup systems containing limited user personal data.
The breach affected basic account information including metadata, contact details, usernames, dates of birth, and names of an undisclosed number of users.
The compromised systems did not contain credentials, financial information, or payment data, and access was read-only with no data injection or modification occurring.
CIG stated it found no evidence that accessed data was leaked online and is monitoring systems to detect any public release of information.
The company is assessing and detecting whether any accessed data is released publicly.
CIG does not believe the incident poses a risk to user safety, though exposed personal information could be used in phishing attacks.
No ransom demand has been publicly disclosed.

A data breach at the Children’s Council of San Francisco, a nonprofit that supports childcare services, exposed the names and Social Security numbers of 12,655 individuals after hackers gained unauthorized access to its network on August 3, 2025.
The breach was discovered during an investigation following a network disruption, and affected individuals were notified in early 2026.
A ransomware group called SafePay claimed responsibility and allegedly demanded payment to delete the stolen data, although the organization has not confirmed the claim or whether a ransom was paid.
Because Social Security numbers were compromised, victims face potential risks such as identity theft and fraud, and the organization has offered 12 months of free credit monitoring and identity-theft protection to those impacted.