From ICE agents and Tinder for Nazis, to the cars we drive, and even the sneakers on our feet, January’s biggest data breaches touched nearly every corner of daily life – pulling consumers, corporations, and US government agencies alike into the same cybersecurity mess.
-
Hackers hit everything from dating apps to nazi forums to US government agencies in January.
-
Here’s how the month’s biggest breaches unfolded – and which incidents mattered most.
By exploiting reused access, third-party weaknesses, and mass targeting techniques, cybercriminals wasted no time ramping up activity to start the year.
Here’s a breakdown of the most significant data breaches and leaks defining the month.
Crunchbase breach confirmed
The notorious ShinyHunters ransomware gang led the charge in January, claiming at least five breaches across this month’s list.
The first to succumb to the hacking collective was Crunchbase, the global business intelligence platform, known for tracking startup funding, company growth, and investor activity.
After refusing to meet the group’s presumably exorbitant ransom demands, Crunchbase found itself in a PR nightmare when Shiny Hunters retaliated by offering more than 2 million company files for download on the dark web.
The exposure could put sensitive business relationships and competitive intelligence at risk, while also opening the door to account takeovers, phishing campaigns, and secondary breaches tied to reused credentials.
Crunchbase was also the only company on our list to publicly confirm an active breach this month.
Dating apps hit in ShinyHunters spree
Using a single vishing phone call, ShinyHunters quickly pivoted from business targets to the dating world, hitting multiple platforms tied to Match Group – including Match.com, Hinge, and OkCupid.
By leveraging voice-based social engineering kits, the ransomware group claimed it siphoned over 10 million records from the Tinder parent company, including user IDs, transaction details, IP addresses, dating profiles, and internal corporate documents.
Investigators linked the breach activity to AppsFlyer, a mobile marketing analytics platform used by the dating conglomerate.
Not to be left out, Bumble also found itself on Shiny Hunter’s victim roster, although the company has since denied that any user data was exposed.
The alleged 30GB of data haul reportedly includes internal company documents, employee PII, contracts, invoices, and some Bumble Hive group information.
“Tinder for Nazis” forum leak
After dating apps, the breach landscape took a sharp turn into less expected territory.
A female/hacker/investigative journalist blew the lid off several white supremacist dating sites and uncovered a data leak exposing thousands of user profiles, private messages, and account metadata.
Using an AI chatbot, over 8,000 profiles and 100GB of data were exfiltrated from the "WhiteDate" aka "Tinder for Nazis," which was discovered to be run by a right-wing extremist from Germany. Two other sites exposed were identified as "White Child" for fertility match-ups and "White Deal" for the gig marketplace.
What's more, the female reporter who uncovered the racist platforms deleted all three of them in front of a live audience while dressed as a Pink Power Ranger.
Don't ever say breaches are boring.
ICE agent doxxing
Next, data on approximately 4,500 US Immigration and Customs Enforcement (ICE) and Border Patrol agents were released by an informant within the US Department of Homeland Security (DHS) in mid-January.
Fueled by tension between agents and activists in Minnesota after the shooting death of an unarmed protester, the ICE data leak was said to include names, work emails, and other personal information, as well as internal agency information.
Ironically, the leak site itself, known as “The ICE List,” was also attacked by Russian hackers. The leak included names, work emails, and internal agency information, increasing concerns around harassment, impersonation, and operational security threats tied to government personnel.
Supply Chain Spotlight
Attackers did not need to breach Apple directly this month. Instead, they targeted Luxshare, an Apple supplier, claiming to have gained access to confidential engineering files related to projects by Apple, Nvidia, LG, and Elon Musk’s Tesla.
The incident shows how third-party vendors and contractors – including those tied to Bumble – often remain the weakest entry point for high-value corporate environments.
Other notable breaches:
With attackers increasingly exploiting vendors and contractors, consumer-facing platforms were next in line, first up, with a breach at Edmonds, the popular US-based online car-shopping and research platform.
About 146,000 consumers had their personal data compromised – including emails, usernames, and passwords (both hashed and unhashed) – after ShinyHunters, once again, claimed responsibility for the intrusion.
The New York-based Monroe University was the next organization to announce a breach – although the incident itself occurred back in December 2024.
Alerting students and faculty more than a year later, the unnamed third-party compromise exposed highly sensitive data tied to over 320,000 victims, including Social Security numbers, passport details, medical records, and financial account data.
Athletic sportswear and footwear giant Nike is investigating the purported online release of 1.4 TB of internal company files – including corporate and manufacturing data and nearly 190,000 unique files – said to be courtesy of the World Leaks ransomware gang.
Finally, Under Armour, another global athleisure and sneaker brand, is dealing with its own fallout after allegedly ignoring a ransom demand from a threat actor who then leaked 72.7 million customer emails, including purchase histories, on a hacker forum.
That incident is thought to be connected to a November breach claimed by the Everest ransomware group.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked