LATEST POST
Breachforums Boss to Pay $700k in Healthcare Breach
Brian Krebs reports: In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month […]
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
The Record reports that Japan has enacted a new law that permits the country’s authorities to preemptively engage with adversaries through offensive cyber operations to prevent significant damage to the country: The new Active Cyberdefense Law mirrors recent reinterpretations of Article 9, providing Japan’s Self-Defence Forces with the right to provide material support to allies […]
RIBridges’ firewall worked, but hundreds of alerts went unnoticed or ignored.
Footnotes in CrowdStrike’s forensics report offer troubling details of Deloitte’s handling of incident logs. Rhode Island Current reports that the attack on RIBridges triggered hundreds of firewall alerts during the five months that attackers were in the network and were transferring gigabytes of data. But the state’s vendor, Deloitte, did not know the system had […]
Cyber criminals bribed rogue overseas support agents to steal Coinbase customer data
Coinbase says they are protecting their customers and standing up to the extortionists. Tl;dr: Cyber criminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks. These insiders abused their access to customer support systems to steal the account data for a small subset of […]
Ascension discloses multiple third-party data breaches
Over the course of the last year, Ascension Health has been affected by several third-party data breaches impacting its patients across multiple states. TechTarget reports: Ascension Health, a Missouri-based Catholic health system, has disclosed several third-party data breaches in 2025, impacting patients across its network of hospitals and care facilities. While Ascension posted notices for […]
No, Your Steam Account Didn’t Just Get Hacked
How-to Geek reports, “There have been rumors about a large-scale data breach impacting nearly 90 million Steam accounts. However, the original source was debunked, so you probably don’t have anything to worry about.” But if you want to err on the side of caution, it wouldn’t hurt to change your password for Steam and anywhere […]
New York Tightens the Breach Clock: 30 Days to Notify
As seen at Corporate Compliance Insights: Organizations handling New Yorkers’ data now face one of the country’s shortest breach notification deadlines. Morrison Foerster attorneys Melissa Crespo and Reiley Porter break down the state’s recent amendments that impose a 30-day notification requirement and expand protected information categories to include medical and health insurance data. Recent amendments […]
Moldova arrests suspect linked to DoppelPaymer ransomware attacks
Bleeping Computer reports that an unnamed 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021 has been arrested by Moldovan police. Police officers searched the suspect’s home and car on May 6, seizing an electronic wallet, €84,800, two laptops, a mobile phone, a tablet, six bank cards, and multiple data storage devices. […]