NATHAN AUSTAD, one of three people indicted for hacking DraftKings in 2022 has now been sentenced to 18 months in prison. In April, a second man, KAMERIN STOKES, a/k/a “TheMFNPlug,” was sentenced to 30 months in prison for his role, while JOSEPH GARRISON was sentenced in 2024 to 18 months: United States Attorney for the...

Source

In August 2025, DataBreaches added the Colorado Health Network (CHN) to our non-public worksheets after threat actors called Cephalus added the provider to its’ dark web leak site with a claim that they had acquired 900 GB of data. Cephalus disappeared from public view days later, and never leaked the data on any server that...

Source

Kyiv Post reports: Ukrposhta, Ukraine’s national postal service, announced system malfunctions following a cyberattack overnight going into Thursday. In a brief update, the state-run postal service said it is working to restore operations and would provide updates as they become available. “Due to a nighttime hostile attack on IT systems, the Ukrposhta application is temporarily malfunctioning,”...

Source

Bill Toulas reports: Tata Electronics has confirmed in a statement to BleepingComputer that it was the target of a cyberattack that impacted parts of its IT infrastructure. The company emphasizes that its operations continued to run normally and were not affected by the incident. […] While Tata Electronics has not disclosed the threat actor’s identity,...

Source

Xsolis, Inc. is a business associate in the healthcare sector, providing utilization and case management services. They describe themselves as applying “industry-leading AI and automation to ensure appropriate care settings and accelerate collaboration across a connected network of providers and payers.” On June 19, California Attorney General’s Office posted a copy of a breach notification...

Source

On April 19, 2026, Cherry Health in Michigan detected suspicious network activity. Investigation revealed that an unknown person or persons had gained access to its network and copied data. On June 18, Cherry Health published a preliminary notice on its website.  The notice makes no mention of any earlier reporting on the incident that had...

Source

This is the kind of cyberattack that can put lives at risk and makes me want to wring some necks if I wasn’t so old and feeble. Demócrata reports: Brazil’s Civil Defense has reported this Saturday that its official alert system has been the target of a cyberattack, an incident that is already being investigated...

Source

Lawrence Abrams reports: Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers’ Salesforce environments, as the new “Icarus” extortion group publicly claims the attack. The disclosure comes after cybersecurity firms Huntress and ReliaQuest detailed how attackers abused compromised Klue Battlecards integrations to steal Salesforce...

Source

Following a major data security incident involving sensitive student and parent information, Global Schools Group sought court injunctions prohibiting the publication of data acquired by FulcrumSec. They obtained the injunctions, but once again, injunctions do not affect threat actors — or at least, not in the way the plaintiffs hoped.  Yesterday, DataBreaches reported that Global...

Source

Another day, another injunction. When DataBreaches read the news headline, our first thought was that this was an injunction sought by Global Schools Group. Our first impression was correct, but it took a reminder from FulcrumSec to realize that it was GSG-connected.  Ananya Iyer  reports: The Bombay High Court issued an interim order restraining the...

Source

Alexandra Posadzki reports: Canadian hacker Aubrey Cottle has pleaded guilty to three charges stemming from a cyberattack linked to notorious hacktivist group Anonymous on the Texas Republican Party. Mr. Cottle, who appeared in court in Newmarket, Ont., on Thursday, pleaded guilty to fraudulently obtaining a computer service, namely the systems of web-hosting company Epik, causing mischief...

Source

Ahmed Humble reports that 41,485 Texans may have had personal and protected health information exposed in a data breach involving a Houston-based Blue Fish Pediatrics. The breach reportedly occurred between July 11 and July 17, 2025, but patients are only first being notified now. The types of information included: Full names Dates of birth Social...

Source

Emily Hill reports: One Medical, the primary care provider acquired by Amazon in 2023, is facing questions after the cybercriminal group ShinyHunters claimed it stole 8.8 terabytes of company data and threatened to publish the information unless negotiations begin by June 22. The allegation remains unverified, and the group has not released any sample data to support...

Source

Zack Whittaker reports: A data breach at a Texas state government department allowed hackers to take the driver’s license information and passport numbers of more than 3 million people, according to the state’s attorney general. The incident is one of the largest data breaches to affect the state this year. In a data breach notice on the Texas...

Source

In Part 1,  DataBreaches published some totals and aggregate data from the recent Global Schools Group data breach. All analyses and statistics were provided to this site by FulcrumSec, who had attacked Global Schools Group (GSG) and exfiltrated the data. Data from three of GSG’s school brands were included in Part 1. Data for the...

Source

The Navigate360 (“P3”) data breach seems to finally be getting some attention in Canada. Nicole O’Reilly reports: Hamilton police say they’ve been made aware that a cybersecurity incident earlier this year affecting a U.S.-based online platform includes a breach of Crime Stoppers of Hamilton data. The P3 platform, owned by Navigate360, is under contract with...

Source

This is the first part of a two-part report of findings from the Global Schools Group data breach. All statistical analyses and findings were provided to DataBreaches by FulcrumSec, and are presented to assist those investigating the breach as well as parents and employees who might be concerned as to what types of data were...

Source

Resecurity writes: The education technology (EdTech) sector has become a prime target for cybercriminals as attacks against educational institutions and related platforms continue to escalate. With sensitive data, including student records, employee information, and payment data, stored on EdTech systems, the sector has become an appealing target for cybercriminals seeking financial gain, data exploitation, and...

Source

Yesterday, DataBreaches reported that FulcrumSec had hacked Danish pharmaceutical giant Novo Nordisk. FulcrumSec followed up on that reporting by releasing their own very detailed report on their dark web leak site about the incident and what they had acquired. This morning, DataBreaches woke up to find messages waiting on Signal from someone claiming they, too, had hacked...

Source

Danish pharma giant Novo Nordisk disclosed a cybersecurity incident last week, and although the firm’s name may not be familiar to everyone, they are a major producer of insulin and semaglutide. Semaglutide is marketed as Wegovy for weight loss and Ozempic for Type 2 diabetes. In its June 11 update, the firm stated that the...

Source