KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
The Record reports: France’s data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor
By Hunton Andrews Kurth’s Privacy and Cybersecurity Blog: On December 16, 2025, the Federal Trade Commission (“FTC”) announced an enforcement action against
The Record reports: French authorities arrested a 22-year-old on Wednesday as part of an investigation into a hack of the
VitalLaw reports: The Department of Defense would have to add new cybersecurity requirements to its contracts for telecom services when
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this week from the US Department of Justice, Ryan Goldberg, 40, and Kevin Martin, 36, pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin. Here’s the part that makes security teams everywhere groan into their coffee: one of the defendants was literally a ransomware negotiator. Martin and an unnamed co-conspirator worked
SecurityWeek provides an update on the Coupang breach: Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach. The incident, the company said in early December, was discovered on November 18, and involved unauthorized access to customers’ personal information via overseas servers. Coupang told SecurityWeek that the data breach started on June 24, 2025, and that 33.7 million customer accounts in Korea were affected.
News19 reports: Nearly a quarter of a million residents in South Carolina may have had their data exposed in a breach that occurred months earlier, according to state records. A data breach notice provided to the South Carolina Department of Consumer Affairs (SCDCA) by Prosper Marketplace Inc. on Dec. 11 stated that the company learned on Sept. 1 of unauthorized activity on its systems. The peer-to-peer lending and personal finance company said it publicly reported the incident on its website on Sept.
BleepingComputer reports: A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. On December 20, a threat actor using the name “Lovely” leaked the database on a hacking forum, offering access for approximately $2.30 in the site’s credits system. In the post, Lovely accused Condé Nast of ignoring vulnerability reports
The Register reports: The US says it has shut down a platform used by cybercriminals to break into Americans’ bank accounts. A law enforcement splash page now appears when trying to reach web3adspanels.org, which supported SEO poisoning campaigns designed to steal people’s bank account credentials. Criminals would pay for prime slots in search engine results, serving users seemingly legitimate banking websites that were actually fakes. From there, unwitting users entered their passwords, which were dumped into a database, but they
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed;
Bloomberg News reports: Goldman Sachs Group Inc. warned investors in some of its alternative investment funds that their data may have
Agencias reports a detail in the Coupang breach and arrest: Coupang, the South Korean e-commerce giant, has faced a serious
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed;
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this week from the US Department of Justice, Ryan Goldberg, 40, and Kevin Martin, 36, pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin. Here’s the part that makes security teams everywhere groan into their coffee: one of the defendants was literally a ransomware negotiator. Martin and an unnamed co-conspirator worked
SecurityWeek provides an update on the Coupang breach: Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach. The incident, the company said in early December, was discovered on November 18, and involved unauthorized access to customers’ personal information via overseas servers. Coupang told SecurityWeek that the data breach started on June 24, 2025, and that 33.7 million customer accounts in Korea were affected.
News19 reports: Nearly a quarter of a million residents in South Carolina may have had their data exposed in a breach that occurred months earlier, according to state records. A data breach notice provided to the South Carolina Department of Consumer Affairs (SCDCA) by Prosper Marketplace Inc. on Dec. 11 stated that the company learned on Sept. 1 of unauthorized activity on its systems. The peer-to-peer lending and personal finance company said it publicly reported the incident on its website on Sept.
BleepingComputer reports: A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. On December 20, a threat actor using the name “Lovely” leaked the database on a hacking forum, offering access for approximately $2.30 in the site’s credits system. In the post, Lovely accused Condé Nast of ignoring vulnerability reports
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this
The Record reports: France’s data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor
By Hunton Andrews Kurth’s Privacy and Cybersecurity Blog: On December 16, 2025, the Federal Trade Commission (“FTC”) announced an enforcement action against
The Record reports: French authorities arrested a 22-year-old on Wednesday as part of an investigation into a hack of the
VitalLaw reports: The Department of Defense would have to add new cybersecurity requirements to its contracts for telecom services when
Miscellaneous News
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed;
Bloomberg News reports: Goldman Sachs Group Inc. warned investors in some of its alternative investment funds that their data may have
Agencias reports a detail in the Coupang breach and arrest: Coupang, the South Korean e-commerce giant, has faced a serious
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed;
