United States
The Illinois Department of Human Services
The Illinois Department of Human Services (IDHS) confirmed a data breach that exposed sensitive records of roughly 700,000 individuals, marking one of the largest public-sector breaches in 2026.
According to the agency, the breach exposed two separate sets of records. The first involves personal and program-related data tied to more than 672,000 Medicaid and Medicare Savings Program recipients, including addresses, case numbers, demographic details and medical assistance plan names. A second set of records affected around 32,000 customers of the Division of Rehabilitation Services, exposing names, addresses, case details and referral information spanning multiple years.
IDHS said the investigation into the incident is ongoing, and officials are still working to determine how the intrusion occurred and whether additional data may have been accessed.
SourceHow it could affect your business
Healthcare data continues to attract cybercriminals because it contains personal, medical and program details that can be easily abused for fraud and identity theft. Breaches like this show how attacks on healthcare and social service agencies are growing in scale, often exposing hundreds of thousands of records at once. To reduce risk, organizations need continuous monitoring, tighter access controls and encrypted backups to limit damage and maintain services during an incident.
United States
The Supreme Court of the United States
In an unusual cyber incident, a hacker repeatedly accessed the Supreme Court of the United States’ electronic document filing system and posted personal data belonging to several victims on his Instagram account.
According to a filing in the U.S. District Court for the District of Columbia, the attacker unauthorizedly accessed the U.S. Supreme Court’s restricted system multiple times using stolen credentials of an authorized user. Once logged in, the attacker accessed and stole personal information from victim accounts and publicly shared portions of that data on social media, highlighting how stolen credentials alone can be enough to compromise high-profile systems.
SourceHow it could affect your business
Stolen credentials remain one of the easiest ways for attackers to break into highly defended networks, without triggering traditional security alerts. Recent incidents show that years-old leaked credentials, long forgotten by organizations, are still being reused to gain unauthorized access to critical systems. To reduce this risk, businesses need continuous dark web monitoring to identify exposed credentials early and enforce MFA so stolen logins can’t be easily abused.
Australia
Victorian Department of Education
The Department of Education in Victoria, Australia, has confirmed a data breach that affected current students and inactive past student accounts across more than 1,700 government schools.
On January 14, the department said an unauthorized third party breached a school’s network. A follow-up update on January 21 confirmed that the attacker accessed a Department of Education database containing student information. The exposed data includes student and school names, year levels and department-issued email addresses with encrypted passwords. The department stated that no other student data, such as dates of birth, home addresses, phone numbers or family details, was accessed.
At this stage, there is no evidence that the data has been publicly released or shared with third parties. The Office of the Victorian Information Commissioner (OVIC) has launched an investigation into the incident.
SourceHow it could affect your business
Cyberattacks on educational institutions are rising worldwide as they hold large volumes of sensitive student and faculty data. Incidents like this show how even limited access can expose thousands of records across connected systems. To reduce risk, education organizations need proactive monitoring to detect intrusions early, strict access controls to limit lateral movement and encrypted backups to ensure critical data can be recovered if systems are compromised.
Europe
Endesa
Spanish energy giant Endesa and its designated reference retailer Energía XXI have begun notifying customers after confirming a data breach that exposed customer information.
Endesa, Spain’s largest electric utility serving more than 20 million customers across Spain and other European countries, said the incident involved unauthorized access to its commercial platform. The attackers accessed and likely exfiltrated customer identification data, including contact details, national ID numbers (DNI), contract information and payment details such as international banking account numbers (IBANs). The company stated the breach was quickly contained and confirmed that no passwords were compromised.
While Endesa says it has no evidence that the data has been misused, it has warned customers to stay alert for identity theft, phishing attempts and related fraud following the incident.
SourceHow it could affect your business
Data stolen in third-party breaches is often reused later to target customers through phishing, impersonation and fraud. Details, such as names, contact information and bank identifiers, give attackers everything they need to craft convincing messages that appear legitimate. To reduce this risk, organizations should closely monitor third-party access, limit data shared with external platforms and educate customers and employees to spot follow-up phishing attempts that leverage leaked information.
