Svoboda Cybersecurity Brief January 19, 2026

CIRO Data Breach Exposes 750,000 Canadian Investors’ Sensitive Data

The Canadian Investment Regulatory Organization (CIRO) confirmed a 2025 breach exposed personal and financial data of 750,000 investors, including Social Insurance Numbers, account statements, and government IDs. No evidence of misuse has been found, but victims will receive two years of credit monitoring.
Source: BleepingComputer

Anchorage Police Department Disables Systems After Vendor Cyberattack

Anchorage Police took servers offline after a cyberattack on their data migration provider Whitebox Technologies. Third-party access was cut, but no ransomware group has claimed responsibility.
Source: DataBreaches.net

Iranian-Linked Phishing Targets Activists via WhatsApp and Gmail

High-profile Middle Eastern activists received AI-powered phishing links impersonating Iranian protest-related content. Analysis revealed customized malicious pages exploiting current events.
Impact: Credential theft and potential surveillance.
Mitigation: Verify links via trusted channels, enable MFA.
Source: DataBreaches.net

Japanese Nuclear Regulator Loses Confidential Device in China

A Nuclear Regulation Authority employee lost a smartphone containing sensitive nuclear security contacts during a personal trip to China. No misuse confirmed, but leak risks remain.
Source: DataBreaches.net

80% of Small Businesses Hit by Cybercrime, 40% Involved AI

A survey found 38% of breached SMBs raised prices to cover losses, with nearly half of attacks leveraging AI tools. Repeat breaches (2-3 per year) were common.
Source: DataBreaches.net

Share this brief: https://svo.bz/4wWf