News

February 2026 Cybersecurity Updates: Data Breaches and High Vulnerabilities

Luciano Ferrari

02 Mar 2026 — 2 min read

Monday, March 2, 2026

Top 5 Cybersecurity Stories You Should Know

February 2026 Cybersecurity Updates: Data Breaches and High Vulnerabilities — tl;dr: February 2026 saw significant cybersecurity incidents, including data breaches at Panera Bread, Substack, and Volvo Group North America, exposing millions of customer records. Notably, Dutch carrier Odido suffered a breach affecting 6.2 million customers. Additionally, critical vulnerabilities like CVE-2026-25253 in OpenClaw and configuration hijacking in NGINX were disclosed, highlighting the need for robust security measures. Organizations are urged to implement multi-factor authentication, encryption, and automated patch management to safeguard against these threats and enhance their security posture.
↪ https://www.linkedin.com/pulse/cybersecurity-news-updates-february-2026-inspirisys-svnoc
Conduent Data Breach Affects 25 Million, Exposing Sensitive Personal Information — tl;dr: A significant data breach at Conduent has compromised the personal information of at least 25 million individuals, including names, Social Security numbers, and medical records. This incident, which occurred between late 2024 and early 2025, has prompted investigations by states such as Montana and Texas, raising concerns among major health insurance providers about the security of healthcare data. The breach serves as a stark reminder of the vulnerabilities in healthcare data security, highlighting the urgent need for enhanced protective measures and protocols to safeguard patient information. Healthcare professionals are urged to advocate for stronger security practices.
↪ https://thisweekhealth.com/news_story/conduent-data-breach-exposes-personal-info-of-25-million-nationwide/
IBM X-Force Reports 44% Rise in Public-Facing Application Exploits in 2025 — tl;dr: The IBM X-Force Threat Intelligence Index 2026 reveals a 44% increase in the exploitation of public-facing applications, driven by vulnerabilities in software supply chains and weak authentication practices. Credential theft remains a significant issue, with over 300,000 ChatGPT credentials exposed on dark web marketplaces. Manufacturing and finance sectors are the most targeted, with North America experiencing the highest attack rate. Organizations are urged to adopt stronger authentication measures, enhance visibility into credential exposure, and ensure secure configurations to bolster cyber resilience against evolving threats.
↪ https://industrialcyber.co/reports/ibm-x-force-reports-44-surge-in-exploitation-of-public-facing-applications-as-supply-chain-and-identity-attacks-intensify/
Ransomware Payments Drop 8% Despite 50% Increase in Attacks in 2025 — tl;dr: In 2025, ransomware payments fell by 8% year-on-year to $820 million, even as the number of victims surged by 50%, marking the highest activity on record. This decline in payments is attributed to improved incident response, regulatory scrutiny, and a decrease in payment rates from 63% to 29%. However, the median ransom payment skyrocketed by 368% to $59,556, indicating that those who pay are facing higher demands. Organizations are urged to enhance their cybersecurity measures and incident response strategies to mitigate risks and reduce the likelihood of falling victim to ransomware attacks.
↪ https://www.infosecurity-magazine.com/news/ransomware-payments-decline-1/
February 2026 Ransomware Report: 680 Victims, 54 Groups Active — tl;dr: In February 2026, ransomware groups claimed 680 victims across 72 countries, with Qilin leading at 104 victims. The healthcare sector saw a significant rise, jumping from 40 to 93 victims, highlighting its vulnerability to double extortion tactics. Notably, the fraudulent group 0APT falsely claimed 183 victims, which were excluded from the report. The report emphasizes the need for organizations, particularly in healthcare and legal sectors, to enhance their cybersecurity measures and credential exposure reviews to mitigate risks from ransomware attacks.
↪ https://www.breachsense.com/ransomware-reports/february-2026/