Saturday Security: Data Breaches Hit a Record High and We’re Not Being Told Why

 

Data breaches hit an all-time high in 2025 — but fewer people were notified. Why? Because attackers didn’t stop. They changed tactics. According to the Identity Theft Resource Center’s 20th Annual Report, U.S. organizations reported 3,322 data compromises, a 79% increase in five years. Instead of massive single breaches, attackers spread out — hitting more companies, more quietly. Even worse, 70% of breach notices didn’t explain how the breach happened, leaving people unable to assess risk or take action. This week’s Saturday Security Story breaks down what’s really happening — and why resilience matters more than headlines. Stay curious. Stay prepared. https://www.idtheftcenter.org/wp-content/uploads/2026/01/2025-ITRC-Annual-Data-Breach-Report.pdf https://www.databreachtoday.com/data-breaches-in-america-hit-all-time-record-high-in-2025-a-30624

Saturday Security: The New Phishing Isn’t Email — It’s Phone Calls

 

This week, Okta warned customers about a surge in voice phishing (vishing) attacks where criminals impersonate IT support in real time. These attackers already know which MFA app you use, your helpdesk number, and exactly when to pressure you into approving a login. Groups like ShinyHunters are using real-time phishing toolkits that sync fake login pages with live phone calls. No malware. No exploits. Just persuasion. If someone calls asking you to approve an MFA request you didn’t initiate — hang up. Because modern breaches don’t break systems - They convince people. https://www.databreachtoday.com/voice-phishing-okta-customers-shinyhunters-claims-credit-a-30590

Saturday Security: Ransomware Isn’t Declining — It’s Adapting

 

Law enforcement takedowns disrupted major ransomware groups in 2025—but attacks didn’t slow down. In fact, victims surged nearly 50% as new groups rushed in and tactics shifted from loud lockups to quieter data extortion.

This Saturday Security Story highlights why disruption doesn’t always mean decline—and why resilience matters more than ever.

Stay curious. Stay prepared.

https://www.databreachtoday.com/ransomware-by-numbers-victim-group-count-surges-a-30528

Saturday Security: When “Trusted” Tools Turn on You: The New AI Security Blind Spot

 

As AI becomes part of our daily workflow — from writing code to planning strategy — attackers are shifting tactics. In this Saturday Security Story, we break down how malicious Chrome extensions, some even featured by Google, were quietly harvesting entire AI chatbot conversations from nearly a million users. This wasn’t traditional hacking or malware. It was trust abuse. Source code, business strategy, legal questions, internal URLs — all siphoned off under the guise of “anonymous analytics.” The real risk today isn’t just zero-days or ransomware. It’s tired humans moving fast inside tools they assume are safe. Take a moment this weekend to audit your browser extensions, remove what you don’t need, and remember: featured doesn’t mean verified. Like, subscribe, and stay curious. https://www.darkreading.com/cloud-security/fake-ai-chrome-extensions-steal-900k-users-data https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.html https://www.esecurityplanet.com/threats/900000-users-hit-as-chrome-extensions-steal-ai-chat-data/

New Year, New Scams: Why Hackers Don’t Hack Anymore — They Talk

 

Post-holiday fatigue is one of the most profitable windows for fraud. Last year alone, more than $12 billion was siphoned from Americans through scams—not hacks. These weren’t break-ins. They were conversations. From fake job offers and tax refund texts to AI-cloned voices impersonating banks, employers, and even family members, today’s attacks rely on urgency and trust, not malware. The uncomfortable truth? Your biggest risk in 2026 isn’t a zero-day exploit—it’s a tired, distracted human trying to do the right thing. Slow down. Verify unexpected messages. Don’t click links. Don’t send gift cards or crypto. And enable MFA everywhere you can. This is your Saturday Security Story. I’m Peter — like, subscribe, and share. https://cbsaustin.com/news/nation-world/new-year-new-scams-how-criminals-prey-on-busy-tired-consumers-post-holidays-christmas-hanukkah-money-cash-finances-financial-resolutions-tax-prep-scammers-fraud