Merkle Breach Exposes Employee and Client Data

First reported

29.10.2025 22:14

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Merkle, a US-based subsidiary of Dentsu, experienced a cyberattack resulting in the theft of sensitive employee and client data. The breach was detected through unusual network activity, prompting an incident response and investigation. The stolen data includes bank details, payroll information, and personal contact details. Merkle has notified affected individuals and law enforcement, and is offering credit monitoring and Dark Web monitoring to impacted employees. The nature of the attack remains unknown, but it may involve data extortion or ransomware. The incident highlights the ongoing threat of data theft and the importance of robust incident response protocols.

Timeline

29.10.2025 22:14 1 articles · 12d ago

Merkle Breach Results in Theft of Employee and Client Data
Merkle, a US-based subsidiary of Dentsu, experienced a cyberattack resulting in the theft of sensitive employee and client data. The breach was detected through unusual network activity, prompting an incident response and investigation. The stolen data includes bank details, payroll information, and personal contact details. Merkle has notified affected individuals and law enforcement, and is offering credit monitoring and Dark Web monitoring to impacted employees. The nature of the attack remains unknown, but it may involve data extortion or ransomware.
Show sources

Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
Open in new tab

Information Snippets

Merkle, a subsidiary of Dentsu, was breached by an unidentified threat actor.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
The breach involved the theft of sensitive employee data, including bank details, payroll information, and personal contact details.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
The breach also affected some clients and suppliers.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
Dentsu detected unusual network activity and initiated incident response protocols.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
Dentsu notified law enforcement, the UK's Information Commissioner's Office (ICO), and the National Cyber Security Centre (NCSC).
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
The company has taken measures to prevent the public disclosure of the stolen data.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
Dentsu is offering affected employees a year of credit and Dark Web monitoring.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
The nature of the attack is unknown, but it may involve data extortion or ransomware.
First reported: 29.10.2025 22:14

1 source, 1 article
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14

Similar Happenings

Volvo NA Employee Data Stolen in Miljödata Ransomware Attack

The Miljödata breach, affecting Volvo Group North America (Volvo NA) and other organizations, exposed sensitive data for over 1.5 million individuals. The breach, confirmed in August 2025, was perpetrated by the DataCarry ransomware group, which compromised Miljödata's cloud infrastructure. The incident has led to operational disruptions in multiple Swedish regions and is under investigation by the Swedish Authority for Privacy Protection (IMY). The breach affected several universities, at least 25 companies, and 164 municipalities in Sweden, exposing additional PII for other affected organizations. The DataCarry group demanded 1.5 Bitcoins and published stolen data on the Dark Web. The incident highlights the vulnerabilities in centralized, multi-tenant cloud services and the potential for significant reputational and operational damage. Additional organizations, including Stellantis and Jaguar Land Rover, suffered similar supply chain attacks within weeks of the Miljödata incident.

Open in new tab

Nevada State Agencies Disrupted by Cyberattack

A ransomware attack on Nevada's government offices, initially detected on August 25, 2025, began as early as May 2025. The attack impacted more than 60 state government agencies and disrupted essential services, including websites, phone systems, and online platforms. The state recovered 90% of the impacted data without paying a ransom. The state has spent at least $1.5 million on recovery efforts and has implemented new cybersecurity measures to prevent future incidents. The incident prompted the state to warn residents about potential phishing attempts and to verify information from official sources. The state is collaborating with various partners to restore services and validate systems before returning them to normal operation. There is no evidence of personally identifiable information being compromised.