LATEST POST
PowerSchool hacker pleads guilty, released on personal recognizance bond
DataBreaches.net reports: He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech vendor, widely known to be PowerSchool. As per the plea […]
Tax resolution firm Optima Tax Relief hit by ransomware, data leaked
Bleeping Computer reports: U.S. tax resolution firm Optima Tax Relief suffered a Chaos ransomware attack, with the threat actors now leaking data stolen from the company. Optima Tax Relief is a well-known U.S. tax resolution and settlement firm that helps individuals and businesses in addressing and fixing federal and state tax issues. The company claims […]
Kettering Health Ransomware Attack: Interlock Ransomware Group Leaks Stolen Data
HIPAA Journal reports: Kettering Health is continuing to make progress in recovering from its May 20, 2025, ransomware attack. While its EHR has been restored, other IT systems remain offline, with disruption continuing at its Ohio medical centers and outpatient facilities. Earlier this week, Kettering Health issued an update confirming that a small subset of […]
Google: Hackers target Salesforce accounts in data extortion attacks
BleepingComputer reports that there may be some cooperation or collaboration between the threat actor groups known as ShinyHunters and the loose collective known as “The Com:” Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations’ Salesforce platforms. According to Google’s Threat […]
Oklahoma Expands its Security Breach Notification Law
From Jackson Lewis’s Workplace Privacy, Data Management & Security Report: The Oklahoma State Legislature recently enacted Senate Bill 626, amending its Security Breach Notification Act, effective January 1, 2026, to address gaps in the state’s current cybersecurity framework (the “Amendment”). … In the new year, entities required to provide notice to impacted individuals under the […]
M&S hackers sent abusive ransom demand directly to CEO
It is not unusual for ransomware gangs to send threatening emails to the executives of their target. Some send emails that mention personal details about the executives or their families. Others threaten regulator punishment or other consequences of a highly publicized breach. But DragonForce reportedly included their travel itinerary to the target. As the BBC […]
Germany fines Vodafone $51 million for privacy, security breaches
Vodafone GmbH has been hit with a massive fine by the German data protection agency for privacy and data security violations. BleepingComputer reports: The German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company’s German subsidiary, €45 million ($51.4 million) for privacy and security violations. “Due to malicious employees in partner agencies who […]
Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
A press release from the U.S. Attorney’s Office, Eastern District of New York: