Merkle hit by data theft breach
Incident
Summary
Hide ▲
Show ▼
Merkle suffered a breach that led to theft of sensitive employee files and a brief operational shutdown, exposing current and former staff to follow-on fraud risk. Dentsu said it detected unusual activity on Merkle's network, launched incident response, and contained the attack. Some systems were taken offline temporarily and later restored, while law enforcement and UK regulators were notified. The stolen files reportedly include bank and payroll details, National Insurance numbers, and contact information, with additional records tied to clients and suppliers.
Related Happenings
Merkle staff and client data leak
Data Leak
First: 28.10.2025 23:16
Last: 28.10.2025 23:16
Sources 1
How related:
certain files containing information about current and former employees were stolen from Merkle's network, files.
About this happening:
**Merkle**, the U.S.-based subsidiary of **Dentsu**, confirmed a **data theft** that exposed staff and client information and triggered notifications to impacted individuals. Inte...
Merkle staff and client data leak
Data LeakHow related: certain files containing information about current and former employees were stolen from Merkle's network, files.
About this happening: **Merkle**, the U.S.-based subsidiary of **Dentsu**, confirmed a **data theft** that exposed staff and client information and triggered notifications to impacted individuals. Inte...
Capita hit by ransomware attack
Incident
First: 15.10.2025 12:00
Last: 15.10.2025 12:00
Sources 1
About this happening:
**Capita** suffered a **2023 ransomware intrusion** after an employee device infection let the attacker move laterally, lock out staff, and steal sensitive data. The breach matter...
Capita hit by ransomware attack
IncidentAbout this happening: **Capita** suffered a **2023 ransomware intrusion** after an employee device infection let the attacker move laterally, lock out staff, and steal sensitive data. The breach matter...
ICO £14m penalty against Capita over 2023 breach
Regulatory/Legal Action
First: 15.10.2025 12:00
Last: 15.10.2025 12:00
Sources 1
About this happening:
**Capita** will not appeal a **£14m** penalty imposed by the **ICO** over security failings tied to a **2023 data breach** that affected **nearly seven million people**. The enfor...
ICO £14m penalty against Capita over 2023 breach
Regulatory/Legal ActionAbout this happening: **Capita** will not appeal a **£14m** penalty imposed by the **ICO** over security failings tied to a **2023 data breach** that affected **nearly seven million people**. The enfor...
Jaguar Land Rover hit by cyberattack, receives £1.5 billion UK loan guarantee
Incident
First: 26.09.2025 22:59
Last: 26.09.2025 22:59
Sources 1
About this happening:
**Jaguar Land Rover (JLR)** confirmed that attackers stole **some data** in a recent **cyberattack** that **severely disrupted production** and forced the company to shut down sys...
Jaguar Land Rover hit by cyberattack, receives £1.5 billion UK loan guarantee
IncidentAbout this happening: **Jaguar Land Rover (JLR)** confirmed that attackers stole **some data** in a recent **cyberattack** that **severely disrupted production** and forced the company to shut down sys...
Jaguar Land Rover (JLR) data theft during breach
Data Leak
First: 16.09.2025 16:08
Last: 16.09.2025 16:08
Sources 1
About this happening:
**Jaguar Land Rover (JLR)** confirmed that attackers stole **some data** during a **cyberattack** that disrupted **production** and forced systems offline. The company said its in...
Jaguar Land Rover (JLR) data theft during breach
Data LeakAbout this happening: **Jaguar Land Rover (JLR)** confirmed that attackers stole **some data** during a **cyberattack** that disrupted **production** and forced systems offline. The company said its in...
Timeline
-
29.10.2025 22:14 2 articles · 6mo ago
Merkle breach exposes employee, client, and supplier data
Initial DisclosureDentsu disclosed that Merkle, its US-based CXM subsidiary, was breached by an unidentified threat actor and that files were taken from Merkle's network containing information about current and former employees, as well as some clients and suppliers. Dentsu said it detected unusual activity, contained the incident, launched an investigation, notified law enforcement and the UK's Information Commissioner's Office (ICO) and National Cyber Security Centre (NCSC), briefly took some systems offline, and began notifying potentially affected people while offering a year of credit and Dark Web monitoring.
Show sources
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14
- Dentsu Subsidiary Breached, Employee Data Stolen — www.darkreading.com — 29.10.2025 22:14