Welcome to the April 2026 edition of The Breach Report, your monthly roundup of the latest security incidents. This month, we saw a major data breach at the popular social media platform 'ConnectSphere,' a sophisticated phishing campaign targeting customers of a major bank, and a new strain of ransomware that is causing headaches for healthcare organizations.

ConnectSphere Data Breach: The social media giant confirmed that the personal information of over 200 million users was exposed in a data breach that occurred in late March. The compromised data includes names, email addresses, and phone numbers. The company is still investigating the incident, but it is believed that the attackers exploited a vulnerability in a third-party API.

'BankSafe' Phishing Campaign: A sophisticated phishing campaign is targeting customers of 'BankSafe,' one of the nation's largest financial institutions. The emails, which appear to be from the bank, trick users into revealing their login credentials. The campaign is highly targeted and uses personalized lures to increase its effectiveness.

'MedusaLocker' Ransomware: A new strain of ransomware, dubbed 'MedusaLocker,' is targeting healthcare organizations across the country. The ransomware encrypts critical patient data and demands a hefty ransom for its release. The FBI has issued a warning about the new threat and is urging healthcare organizations to take immediate steps to protect their systems.