- Comparitech Stack Report
- Posts
- Apparel Company FullBeauty Data Breach Exposes SSNs
Apparel Company FullBeauty Data Breach Exposes SSNs
Taylor Hawes
January 30, 2026
⚡ Weekend Threat Brief
Apparel Company FullBeauty Data Breach Exposes SSNs
FullBeauty Brands has confirmed that it notified at least 1,191 people of a data breach from October 2025 in which names and Social Security numbers were accessed by an unauthorized party. The ransomware group Everest claimed responsibility and later leaked the data after alleging the company missed a ransom deadline. FullBeauty is offering one year of free credit monitoring and identity theft protection to affected individuals. This incident highlights ongoing risks to retail and consumer data from ransomware and extortion actors.
Takeaway:
Hackers leaked sensitive personal information including SSNs after a breach in late 2025.
Ransomware extortion played a role, with data published when ransom demands were not met.
Affected users are being offered protective services including identity protection.
🎯 Tactical Playbook
Taiwan Expands Cybersecurity Oversight for Uncrewed Systems
Taiwan’s Industrial Technology Research Institute (ITRI) has joined an international program led by the Association for Uncrewed Vehicle Systems International (AUVSI) to assess uncrewed and autonomous systems. Under an agreement signed in Washington, ITRI became the first cybersecurity assessor outside the United States recognized under AUVSI’s Green UAS program. ITRI will conduct cybersecurity testing and technical evaluations for uncrewed aircraft systems in Taiwan. The move expands access to standardized cybersecurity reviews while keeping supply chain trust requirements aligned with U.S. standards.
Key Takeaway:
ITRI is the first non-U.S. organization approved to assess cybersecurity under AUVSI’s Green UAS program.
The agreement supports standardized security testing for uncrewed aircraft systems in Taiwan.
AUVSI aims to maintain consistent supply chain trust while extending global assessment capacity.
🛡️ Research Watch
U.S. Cybersecurity Agency Chief Uploaded Sensitive Files to ChatGPT
The acting director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, has drawn scrutiny after uploading sensitive government contracting documents labeled “for official use only” into the public version of ChatGPT. The upload triggered internal security alerts and prompted an internal review. While the documents were not classified, officials raised concerns that using public AI tools to handle internal government materials can expose sensitive information, potentially allowing the content to be used beyond its intended scope. This incident underscores the challenges of balancing emerging AI tools with stringent data protection policies in government operations.
🧩 Tool Tip of the Week
Maintain Accurate IP Addresses with OpUtils
ManageEngine OpUtils is a network management tool designed to help IT teams control and track IP address usage and network assets. It is particularly useful in environments where network complexity and security concerns are increasing.
Tip: Use OpUtils to maintain accurate IP address inventories and detect unauthorized devices on your network.
Configure automatic IP scans to refresh address usage data.
Set alerts for duplicate or conflicting IP assignments.
Use switch port mapping to associate network devices with physical ports.
Integrate OpUtils with your overall monitoring system to streamline network visibility.
🗣️ Community Signal
Cybersecurity is not for people looking for shortcuts. It is not a two-month transformation or a passive learning journey. This field demands deep curiosity, continuous learning, and the patience to fail repeatedly while solving complex problems. If debugging frustrates you, if networking concepts feel boring, or if you are uncomfortable working under pressure, cybersecurity will test you every single day. CyberFort Academy.
🗳️ Your Take - The Results
|
Until Monday’s edition - Let’s keep that zero-day count at zero!