Cluster of security incidents

Three separate security disclosures landed within days of each other: alleged bank data leaks in Colombia, a confirmed cloud breach in Japan, and a new artificial intelligence jailbreak that worked across 11 models. (cybernews.com) In Colombia, Cybernews reported on April 8 that a threat actor posted sample data on DarkForums and claimed it came from Grupo Bancolombia and Banco de Bogotá. The report said the full extent of the alleged breach was still unverified and that both banks had been asked for comment. (cybernews.com) The samples tied to Grupo Bancolombia included screenshots of what appeared to be an internal content management system and small data files with names, location data, insurance plan details, and login or logout timestamps. The Banco de Bogotá sample contained about 30 records with full names, phone numbers, and physical addresses, according to Cybernews. (cybernews.com) In Japan, Ielove Group said on April 8 that it had confirmed unauthorized access to one of its cloud services and that data had been improperly obtained. The company said it first detected possible unauthorized access on April 6, began an initial investigation that day, and expanded the probe on April 8 with outside cybersecurity specialists. (ielove-group.jp) Ielove Group said the data confirmed as read out so far included information about outside stakeholders and information about the company itself. It said it had set up a crisis-response task force, was still investigating the scope, and would contact affected parties if new facts or impacts were confirmed. (ielove-group.jp) The artificial intelligence issue is a different kind of security problem: instead of stealing stored records, it targets the rules that keep chatbots from producing banned answers. Trend Micro said on April 10 that a technique called “sockpuppeting” can exploit application programming interfaces that let developers prefill part of an assistant’s reply. (trendmicro.com) Trend Micro said it tested 11 large language model assistants across four providers and found that every model that accepted assistant prefills was at least partly vulnerable, including GPT-4o, Claude 4 Sonnet, and Gemini 2.5 Flash. Three models were blocked at the application programming interface layer, and Gemini 2.5 Flash had the highest attack success rate in Trend Micro’s tests at 15.7%, while GPT-4o-mini had the lowest at 0.5%. (trendmicro.com) The underlying research paper was posted to arXiv on January 19, 2026 by Asen Dotsinski and Panagiotis Eustratiadis. It described “sockpuppeting” as output-prefix injection and reported attack success rates as high as 95% on Qwen-8B and 77% on Llama-3.1-8B in open-weight models. (arxiv.org) Trend Micro said some providers already block assistant-role prefills at the application programming interface layer, naming OpenAI, Amazon Web Services Bedrock, and Anthropic for Claude 4.6. The company said teams deploying large language models should check whether their application programming interfaces enforce message-order validation. (trendmicro.com) Taken together, the incidents show three different failure points in one week of security news: alleged theft and resale of bank records, confirmed cloud-service data exposure, and a low-cost way to push artificial intelligence systems past built-in refusals. (cybernews.com)