THE BREACH REPORT
Live Intelligence First48CISO.com
Daily Cybersecurity Intelligence
The
Breach
Report

Active breach intelligence, threat actor activity, and regulatory developments for security leaders who cannot afford to be the last to know.

48
Hour response window
Daily
Intelligence briefing
Free
Always
ShinyHunters hits Canvas — 275M records across 8,800 institutions Grafana targeted by Coinbase Cartel — May 18, 2026 Medtronic confirms breach — 9M records, SEC 8-K filed First AI-generated zero-day confirmed in the wild — Google GTIG Average breach cost: $4.88M — IBM 2026 241 days average detection time — identify your gaps now ShinyHunters hits Canvas — 275M records across 8,800 institutions Grafana targeted by Coinbase Cartel — May 18, 2026 Medtronic confirms breach — 9M records, SEC 8-K filed First AI-generated zero-day confirmed in the wild — Google GTIG Average breach cost: $4.88M — IBM 2026 241 days average detection time — identify your gaps now
Get the Breach Report in Your Inbox Daily

Security leaders and executives who rely on The Breach Report get intelligence before it becomes a headline. Free, daily, practitioner-written.

No spam. No noise. Just intelligence.
Latest Report
May 18, 2026

ShinyHunters. 275 Million Records. The Same Group Hit Two Sectors This Week.

ShinyHunters compromised Instructure's Canvas platform used by 8,800 schools and universities, claiming 275 million records across students, teachers, and staff. The same threat actor group — linked to Coinbase Cartel, Scattered Spider, and Lapsus$ — hit Grafana today, targeting enterprise infrastructure monitoring. Two sectors. One week. One group.

The pattern is not opportunistic. It is systematic targeting of organizations where data density is high and response infrastructure is historically weak. The average organization takes 181 days to detect a breach. Does your IR plan account for a group that moves this fast?

Read Full Report →
Date
May 18, 2026
Threat Actor
ShinyHunters / Coinbase Cartel
Records
275M+
Severity
Critical
Sectors
Education, Enterprise Tech
Recent Reports
May 18, 2026
ShinyHunters: 275M Records Stolen from Canvas Platform — Same Group Hits Grafana Same Week
Critical
May 13, 2026
AI Zero-Day Confirmed: First AI-Generated Exploit Used in a Real Criminal Attack — Google GTIG
Critical
May 12, 2026
Medtronic Confirms Breach: 9 Million Records, SSNs, Medical Histories — SEC Form 8-K Filed
Critical
About the Publisher
Written by a Practitioner. Not an Algorithm.

The Breach Report is published by Dianne Powers, Fractional CISO and founder of First 48 CISO. Every issue is written from 15 years of enterprise cybersecurity experience across financial services, critical infrastructure, and government sectors. The analysis is practitioner-level, not press release summaries.

//
Financial Services and Healthcare Advisory at VP to SVP level for organizations operating at the scale of BlackRock, Citadel, and Carlyle.
//
Critical Infrastructure Incident response lead at Entergy serving 2.7 million customers under NERC CIP compliance.
//
Enterprise Advisory Deloitte Manager in Government Services and Tata Consultancy Services global IR operations.
//
First 48 CISO Fractional CISO practice for organizations that cannot afford to find out what the first 48 hours looks like without a plan.