Collaborate Disseminate
Lorena Mongelli reports: Reports of compromised student data and cybersecurity in schools surged statewide in 2025, according to education officials. Statewide, data incident reports rose 72%, from 384 in 2024 to 662 in 2025, an annual report issued by… Continue reading NYS school data incidents rose 72% in 2025, with 44 reported on Long Island
DocketWise is an immigration and case management solution designed for immigration attorneys. The firm informed the Maine Attorney General’s Office on April 3 of a September 1, 2025, data breach that affected the personal information of its law f… Continue reading Two data security incidents affected immigration law firms and their clients
Brian Krebs reports: An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cyberc… Continue reading Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
Jessica Lyons reports: Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest. They hide out in hidden corners of the dark web (often accompanied by a clearnet leak site),… Continue reading Researchers didn’t want to glamorize cybercrims. So they roasted them.
Paulo Vargas reports: Your Strava runs might feel private, but a new Strava military data leak shows how easily that information can reveal more than your workout. In the latest case, activity logs have been linked to more than 500 UK military personne… Continue reading Fitness tracking under scrutiny as Strava military data leak exposes personnel
DysruptionHub reports: Gritman Medical Center began reopening clinics in Moscow, Idaho, on Friday after a cybersecurity incident disrupted outpatient care beginning early Wednesday, though the hospital and emergency department remained open throughout…. Continue reading Moscow, Idaho, clinics reopen after Gritman cyber incident
We have probably all read recommendations that cyberattack victims should not pay ransom demands because it encourages more crime, and because criminals can’t be trusted to delete data they promise to delete. But what evidence have we seen suppor… Continue reading How often do threat actors default on promises to delete data?
Unauthorized access to Auger & Auger‘s network lasted all of 25 minutes on February 17, 2026. On March 30, the North Carolina personal injury law firm notified those affected and offered them 1 year of complimentary identity protection servi… Continue reading The breach lasted 25 minutes. How long will the litigation last?
Edith Lin reports: Hong Kong’s privacy watchdog and police are investigating a large-scale data leak involving over 56,000 patients served by the Hospital Authority, which reported the unauthorised retrieval of a variety of information. The authority o… Continue reading Hong Kong Hospital Authority apologises for data breach involving 56,000 patients
Bill Toulas reports: Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from Anthropic, designed to execute codi… Continue reading Claude Code leak used to push infostealer malware on GitHub