Collaborate Disseminate
On January 9, 2024, DataBreaches reported that French national Sébastien Raoult had been sentenced in a Seattle federal court, but might be out in 11 months. As a suspected member of ShinyHunters, Raoult (aka “Sezyo Kaizen”) had been extra… Continue reading Alleged ShinyHunters member returned to France after prison in the U.S., now facing French charges
Balaji N reports: Notorious ransomware group Brain Cipher has claimed to have breached Deloitte UK, allegedly exfiltrating over 1 terabyte of sensitive data from the professional services giant. Brain Cipher is a ransomware group that emerged in June 2… Continue reading Deloitte Hacked – Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data
Daryna Antoniuk reports: German police said they have shut down the servers and arrested one of the administrators of the country’s largest German-speaking online marketplace for illegal goods and services, including stolen data, drugs and forged docum… Continue reading Germany arrests suspected admin of country’s largest criminal marketplace
Advant Beiten writes: A law increasing administrative liability for personal data leaks was signed on 30 November 2024 (No. 420-FZ) (the “Law“). The Law will enter into force on 30 May 2025. A new article of the Criminal Code of the Russian… Continue reading Unprecedented increase in liability for personal data leaks in the Russian Federation to take effect in May 2025
DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the … Continue reading Bolton Walk-In Clinic in Ontario: lock down your backup already!
A financial penalty of $10,000 was imposed and directions were issued to HMI Institute of Health Science for failing to put in place reasonable security arrangements to protect the personal data of former students. Case No. DP-2405-C2321 HMI Institute … Continue reading PDPC: Breach of the Protection Obligation by HMI Institute of Health Science
Background information Date of final decision: 20 May 2024 National case Legal Reference (s): Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 32 (Security of processing) Decision: … Continue reading Administrative fine of €330,000 issued to Polish medical company after a hacking incident
Sergiu Gatlan reports: Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hackin… Continue reading Russia arrests cybercriminal Wazawaka for ties with ransomware gangs
The Irish Times reports: A cyber attack targeting acquisition and credit servicing firm Cabot involved theft of some 394,000 data files, including material related to its direct customers and its loan book, the High Court has heard. Cabot Financial (Ir… Continue reading Cyberattack on debt acquisition firm Cabot involved theft of 394,000 data files, court hears
Gemma Iso reports: The recent report from Salesforce published by the Singapore Business Review reveals a significant decline in consumer trust in Singapore companies over the past year. Nearly 74% of individuals have expressed less confidence in these… Continue reading Trust in Singapore companies dips sharply as consumers demand stricter data protection and effortless experiences