NATHAN AUSTAD, one of three people indicted for hacking DraftKings in 2022 has now been sentenced to 18 months in prison. In April, a second man, KAMERIN STOKES, a/k/a “TheMFNPlug,” was sentenced to 30 months in prison for his role, while JOSEPH GARRISON was sentenced in 2024 to 18 months: United States Attorney for the...

Source

In August 2025, DataBreaches added the Colorado Health Network (CHN) to our non-public worksheets after threat actors called Cephalus added the provider to its’ dark web leak site with a claim that they had acquired 900 GB of data. Cephalus disappeared from public view days later, and never leaked the data on any server that...

Source

Yes, another entry in our “no need to hack when it’s leaking” archives, and another example of entities trying to excuse their security  failures by claiming they were “hacked.” Danny Bradbury cuts to the chase: Some organizations exist to be exclusive. They’re invite-only, and discreet, the kind of place where the membership directory is the...

Source

Kyiv Post reports: Ukrposhta, Ukraine’s national postal service, announced system malfunctions following a cyberattack overnight going into Thursday. In a brief update, the state-run postal service said it is working to restore operations and would provide updates as they become available. “Due to a nighttime hostile attack on IT systems, the Ukrposhta application is temporarily malfunctioning,”...

Source

If there were a soundtrack for this post, it would be Queen’s “Another One Bites the Dust.” There’s another chapter in the ongoing drama that is “BreachForums.” Yesterday,  the BreachForums clone at breached[.hn]  was listed for sale for $3k USD. By today, they had dropped the price to $ 1,500 USD and still couldn’t seem...

Source

Joseph Cox reports: The hackers that stole a large cache of data from Madison Square Garden called a low level employee and tricked them into letting the hackers into MSG’s systems, according to the hackers and 404 Media’s review of the stolen data. …  404 Media downloaded the full 45GB data dump and found the...

Source

Bill Toulas reports: Tata Electronics has confirmed in a statement to BleepingComputer that it was the target of a cyberattack that impacted parts of its IT infrastructure. The company emphasizes that its operations continued to run normally and were not affected by the incident. […] While Tata Electronics has not disclosed the threat actor’s identity,...

Source

Password manager LastPass is still dealing with the settlement from its 2022 data breach (see Related Posts, below, for background on that), but now it has another breach to disclose. Zack Whittaker reports: Password manager maker LastPass is notifying customers that their personal information and customer support case records were stolen during a recent hack...

Source

MITSloan reports: The intelligence alliance of the United States, United Kingdom, Canada, Australia, and New Zealand, commonly known as Five Eyes, has raised concerns over rapidly advancing artificial intelligence, which can supercharge offensive hacking capabilities. In a three-page statement, the alliance called for urgent action to confront the threat. “Frontier AI models are anticipated to...

Source

Over on SuspectFile, Marco A. De Felice reflects on how we may overfocus on identifying threat actors exploiting vulnerabilities while failing to focus enough on root causes and incident response. He highlights what he calls a structural fragility that cannot be ignored: that many organizations continue to collect, centralize, and retain vast amounts of sensitive...

Source

Two members of Scattered Spider, who were arrested in 2024 and 2025, have reportedly changed their pleas to guilty just before their trials were set to begin. Victoria Collins reports: Two men have pleaded guilty to offences in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption and cost...

Source

Xsolis, Inc. is a business associate in the healthcare sector, providing utilization and case management services. They describe themselves as applying “industry-leading AI and automation to ensure appropriate care settings and accelerate collaboration across a connected network of providers and payers.” On June 19, California Attorney General’s Office posted a copy of a breach notification...

Source

On April 19, 2026, Cherry Health in Michigan detected suspicious network activity. Investigation revealed that an unknown person or persons had gained access to its network and copied data. On June 18, Cherry Health published a preliminary notice on its website.  The notice makes no mention of any earlier reporting on the incident that had...

Source

This is the kind of cyberattack that can put lives at risk and makes me want to wring some necks if I wasn’t so old and feeble. Demócrata reports: Brazil’s Civil Defense has reported this Saturday that its official alert system has been the target of a cyberattack, an incident that is already being investigated...

Source

June was a challenging month for Novo Nordisk regarding cybersecurity and intellectual property protection. The pharma giant allegedly had some of its data — including intellectual property — stolen by two independent groups of threat actors. Unaware of each other, each group claimed to have acquired a large amount of valuable information. One demanded $25...

Source

Lawrence Abrams reports: Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers’ Salesforce environments, as the new “Icarus” extortion group publicly claims the attack. The disclosure comes after cybersecurity firms Huntress and ReliaQuest detailed how attackers abused compromised Klue Battlecards integrations to steal Salesforce...

Source

Following a major data security incident involving sensitive student and parent information, Global Schools Group sought court injunctions prohibiting the publication of data acquired by FulcrumSec. They obtained the injunctions, but once again, injunctions do not affect threat actors — or at least, not in the way the plaintiffs hoped.  Yesterday, DataBreaches reported that Global...

Source

Another day, another injunction. When DataBreaches read the news headline, our first thought was that this was an injunction sought by Global Schools Group. Our first impression was correct, but it took a reminder from FulcrumSec to realize that it was GSG-connected.  Ananya Iyer  reports: The Bombay High Court issued an interim order restraining the...

Source

Alexandra Posadzki reports: Canadian hacker Aubrey Cottle has pleaded guilty to three charges stemming from a cyberattack linked to notorious hacktivist group Anonymous on the Texas Republican Party. Mr. Cottle, who appeared in court in Newmarket, Ont., on Thursday, pleaded guilty to fraudulently obtaining a computer service, namely the systems of web-hosting company Epik, causing mischief...

Source

Ahmed Humble reports that 41,485 Texans may have had personal and protected health information exposed in a data breach involving a Houston-based Blue Fish Pediatrics. The breach reportedly occurred between July 11 and July 17, 2025, but patients are only first being notified now. The types of information included: Full names Dates of birth Social...

Source