Skip to content

Third Party Risk Management

Discord Data Breach via Third-Party Customer Service Provider

Date of Incident: September 20, 2023 Overview: In a data breach disclosed on October 4, 2025, Discord experienced a security incident via a third-party customer service provider on September 20, 2023. The attack exposed partial payment data and personally identifiable information, including names, IDs, and email addresses of users who interacted with Discord’s support teams.… Read More »Discord Data Breach via Third-Party Customer Service Provider

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025

Harrods third-party supplier breach

Date of Incident: 2024 Overview: In 2024, Harrods experienced a data breach due to a third-party supplier vulnerability, affecting 430,000 customer records with names, contact details, and marketing information exposed. The breach, which became public in September 2025, did not compromise passwords, payment details, or order histories. Attackers used exploitation techniques like SQL Injection to… Read More »Harrods third-party supplier breach

Stellantis Salesforce Data Breach

Date of Incident: 2025-05 Overview: In May 2025, Stellantis experienced a data breach involving unauthorized access to a third-party Salesforce platform used for customer service operations in North America. Attackers stole over 18 million records containing customer contact information, including names and contact details. No financial or sensitive personal information was compromised. The breach was… Read More »Stellantis Salesforce Data Breach

Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

The final week of August was marked by an unprecedented intersection of SaaS, supply chain, and state infrastructure attacks. Standout incidents included the highly technical s1ngularity AI-assisted supply chain compromise of Nx, the widespread theft of Salesforce and Google data via the Salesloft Drift OAuth breach, and ransomware that brought Nevada’s government services to a… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.