Category: Data loss
-
Smashing Security podcast #470: This AI security flaw might be impossible to fix
Smashing Security podcast #470: This AI security flaw might be impossible to fix A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren’t. And when a journalist tried to warn the company, it was lawyers…
-
Police arrest man following hack of Ajax football club
Police arrest man following hack of Ajax football club Dutch police have arrested a 35-year-old man suspected of hacking into the computer systems of Amsterdam football giant Ajax, after the personal data of hundreds of thousands of supporters was put at risk. Read more in my article on the Hot for Security blog. Graham Cluley…
-
MyPillow listed on ransomware gang’s leak site, but denies it has been breached
MyPillow listed on ransomware gang’s leak site, but denies it has been breached A notorious ransomware gang claims to have stolen MyPillow’s private data, but CEO Mike Lindell calls it a politically motivated “hit job.” With the countdown ticking toward a massive dark web leak, who is telling the truth? Read more in my article…
-
Smashing Security podcast #469: What your Oura ring won’t tell you
Smashing Security podcast #469: What your Oura ring won’t tell you CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile. Meanwhile, your Oura ring is quietly transmitting some of its data unencrypted – and…
-
Defenders fall behind, as AI rewrites the rules of a data breach
Defenders fall behind, as AI rewrites the rules of a data breach For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case. Read more in my article on the Fortra blog. Graham Cluley Go…
-
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Having receive a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future. Read more in my article on the Hot for Security blog. Graham Cluley Go…
-
Suspected Dream Market kingpin arrested after gold bars sent to his home address
Suspected Dream Market kingpin arrested after gold bars sent to his home address Lesson one for aspiring dark web kingpins: don’t have your laundered gold bars shipped to your home address. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
When ransomware gets physical: cybercriminals turn to threats of violence
When ransomware gets physical: cybercriminals turn to threats of violence Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities
Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patches” instead, the hackers were less than impressed.…
-
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in. Read…
-
Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats
Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Alleged Silk Typhoon hacker extradited to the United States to face charges
Alleged Silk Typhoon hacker extradited to the United States to face charges A man accused of working as a hacker for China’s Ministry of State Security has been extradited to the USA from Italy, and faces – if found guilty – the prospect of decades behind bars. Read more in my article on the Hot…
-
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of…
-
French police arrest 21-year-old “HexDex” hacker over 100 alleged data breaches
French police arrest 21-year-old “HexDex” hacker over 100 alleged data breaches A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025 – including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees – has been arrested at his home in western…
-
Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not
Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not A company that ran anonymous tip lines for 35,000 American schools – handling reports of bullying, weapons, and self-harm – boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called…
-
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600. Meanwhile, Anthropic accidentally leaked…
-
Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished
Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 – and now sits on a fortune worth $400 million. There’s just one small problem: the access codes were tucked inside his fishing rod case,…
-
Iranian hackers breach FBI director’s personal email, and post his CV and photos online
Iranian hackers breach FBI director’s personal email, and post his CV and photos online It’s not every day that you read that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times. Read more in my article on the Hot for Security blog. Graham Cluley Go to…
-
World Leaks data extortion: What you need to know
World Leaks data extortion: What you need to know World Leaks is a cyber extortion operation that steals sensitive data from organizations and threatens to leak it via the dark web if a ransom is not paid. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie
Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin – signing his extortion emails from a company called…
-
LeakNet ransomware: what you need to know
LeakNet ransomware: what you need to know A ransomware gang that claims to be a group of “investigative journalists”? Meet LeakNet – the group using fake CAPTCHA pages to trick employees into hacking themselves. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Dutch police arrest man for “hacking” after accidentally sending him confidential files
Dutch police arrest man for “hacking” after accidentally sending him confidential files Police in The Netherlands say they have arrested a 40-year-old man on suspicion of hacking… after police officers accidentally sent him a link granting him access to their own confidential documents Read more in my article on the Hot for Security blog. Graham…
-
Polish hacker charged seven years after massive Morele.net data breach
Polish hacker charged seven years after massive Morele.net data breach A 29-year-old Polish man has been charged in connection with a data breach that exposed the personal details of around 2.5 million customers of the popular Polish e-commerce website Morele.net. Read more in my article on the Hot for Security blog. Graham Cluley Go to…
-
European Space Agency’s cybersecurity in freefall as yet another breach exposes spacecraft and mission data
European Space Agency’s cybersecurity in freefall as yet another breach exposes spacecraft and mission data It has just been a few weeks since reports emerged of the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse. Read more in my article on the Hot for Security blog.…
-
Smashing Security podcast #451: I hacked the government, and your headphones are next
Smashing Security podcast #451: I hacked the government, and your headphones are next In episode 451 of “Smashing Security,” we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more – and then helpfully posted screenshots (and even someone’s blood type) on an account called “I hacked the government.” Plus we discuss…
-
Hackers get hacked, as BreachForums database is leaked
Hackers get hacked, as BreachForums database is leaked Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? If so, I might have some unsettling news for you. Read more in my article on the Hot for Security blog. Graham Cluley Go to…
-
pcTattletale founder pleads guilty in rare stalkerware prosecution
pcTattletale founder pleads guilty in rare stalkerware prosecution The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog. Graham Cluley…
-
Coinbase insider who sold customer data to criminals arrested in India
Coinbase insider who sold customer data to criminals arrested in India Police in India have arrested a former Coinbase customer service agent who is believed to have been bribed by cybercriminal gangs to access sensitive customer information. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #448: The Kindle that got pwned
Smashing Security podcast #448: The Kindle that got pwned Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an attacker break into your account and seize control of your credit card. Plus a…
-
Gartner tells businesses to block AI browsers now
Gartner tells businesses to block AI browsers now Analyst firm Gartner has issued a blunt warning to organizations: Agentic AI browsers introduce serious new security risks and should be blocked “for the foreseeable future.” Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Four years later, Irish health service offers €750 to victims of ransomware attack
Four years later, Irish health service offers €750 to victims of ransomware attack Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021? Four years on, and it seems victims who had their data exposed will finally receive compensation. Read more in my article on the Hot for Security blog.…
-
Asahi cyber attack spirals into massive data breach impacting almost 2 million people
Asahi cyber attack spirals into massive data breach impacting almost 2 million people Asahi Group Holdings, the makers of the popular Japanese beer Asahi Super Dry, has confirmed that the ransomware attack that disrupted its operations in late September also saw a significant data breach that affects more than 1.5 million customers and approximately 275,000…
-
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article…
-
Smashing Security podcast #445: The hack that brought back the zombie apocalypse
Smashing Security podcast #445: The hack that brought back the zombie apocalypse America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.…
-
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that? Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. We examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig…
-
A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research
A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research One of the sad truths about this world of seemingly endless hacks and data breaches is that companies just won’t apologise. Even when customers, partners, and employees are left wondering when their data will be published by…
-
Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know
Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know Many of the world’s top artificial intelligence companies are making a simple but dangerous mistake. They are accidentally publishing their passwords and digital keys on GitHub, the popular code-sharing website that is used by millions of developers…
-
“Pay up or we share the tapes”: Hackers target massage parlour clients in blackmail scheme
“Pay up or we share the tapes”: Hackers target massage parlour clients in blackmail scheme South Korean police have uncovered a hacking operation that stole sensitive data from massage parlours and blackmailed their male clientele. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
The human cost of the UK Government’s Afghan data leak
The human cost of the UK Government’s Afghan data leak Can data leaks do real harm? Yes, they can. And so can a failure to respond appropriately. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble
Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble Basketball stars have allegedly joined forces with the mafia to fleece high-rollers in a poker scam involving hacked shufflers, covert cameras, and an X-ray card table. Meanwhile, researchers have found they could poke around an FIA driver portal to pull…
-
Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts
Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI…
-
John Bolton charged over classified emails after Iranian hack of his AOL account
John Bolton charged over classified emails after Iranian hack of his AOL account Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. Bolton, who left the White Hose in 2021 and wrote…
-
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
BreachForums seized, but hackers say they will still leak Salesforce data
BreachForums seized, but hackers say they will still leak Salesforce data Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #438: When your mouse turns snitch, and hackers grow a conscience
Smashing Security podcast #438: When your mouse turns snitch, and hackers grow a conscience Your computer’s mouse might not be as innocent as it looks – and one ransomware crew has a crisis of conscience that nobody saw coming. We talk about how something as ordinary as a web page could turn your mouse into…
-
Salesforce data breach: what you need to know
Salesforce data breach: what you need to know The Scattered LAPSUS$ Hunters hacking group claims to have accessed data from around 40 customers of Salesforce, the cloud-based customer relationship management service, stealing almost one billion records. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Discord users’ data stolen by hackers in third-party data breach
Discord users’ data stolen by hackers in third-party data breach Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #437: Salesforce’s trusted domain of doom
Smashing Security podcast #437: Salesforce’s trusted domain of doom Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them smuggle AI-read instructions in via humble Web-to-Lead form… and ended up spilling data for the low, low price of five dollars. And we discuss why data breach communicationss still default…
-
Your favourite phone apps might be leaking your company’s secrets
Your favourite phone apps might be leaking your company’s secrets Most of the apps on your phone are talking to a server somewhere – sending and receiving data through messages sent through APIs, the underlying infrastructure that allows apps to communicate. And here’s the problem – hackers have determined that the APIs of mobile apps,…
-
Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware
Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware Ransomware doesn’t just freeze computers – it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai…
-
INC ransomware: what you need to know
INC ransomware: what you need to know INC is the name of a ransomware-as-a-service (RaaS) operation that first appeared in late summer 2023. Learn more about what it has been up to, and how to protect against its attacks, in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach
Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach 28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog. Graham Cluley Go…
-
“Pompompurin” resentenced: BreachForums creator heads back behind bars
“Pompompurin” resentenced: BreachForums creator heads back behind bars Conor Brian Fitzpatrick, the creator of the notorious BreachForums hacking forum, has been resentenced to three years in prison after a US appeals court overturned his prior sentence of time served and 20 years of supervised release. Read more in my article on the Hot for Security…
-
Luxury fashion brands Gucci, Balenciaga and Alexander McQueen hacked – customer data stolen
Luxury fashion brands Gucci, Balenciaga and Alexander McQueen hacked – customer data stolen Luxury fashion group Kering – owner of the prestigious Gucci, Balenciaga, and Alexander McQueen brands, amongst others – has confirmed that hackers stole customer data from its systems in June 2025. Read more in my article on the Hot for Security blog.…
-
British rail passengers urged to stay on guard after hack signals failure
British rail passengers urged to stay on guard after hack signals failure Passengers of the UK’s state-owned London North Eastern Railway (LNER) have been warned to be vigilant after cybercriminals accessed traveller’s contact details and some information about past journeys. Read more in my article on the Hot for Security blog. Graham Cluley Go to…
-
Smashing Security podcast #434: Whopper Hackers, and AI Whoppers
Smashing Security podcast #434: Whopper Hackers, and AI Whoppers Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did – and uncovered drive-thru recordings, hard-coded passwords, and even the power to open a Whopper outlet on the moon. Meanwhile, over in Silicon…
-
Lovesac warns customers their data was breached after suspected RansomHub attack six months ago
Lovesac warns customers their data was breached after suspected RansomHub attack six months ago American furniture maker Lovesac, known for its modular couches and comfy beanbags, has warned customers that their data was breached by hackers earlier this year, and that they should remain vigilant to the threat of identity theft. Read more in my…
-
US charges suspected ransomware kingpin, and offers $10 million bounty for his capture
US charges suspected ransomware kingpin, and offers $10 million bounty for his capture A US federal court has unssealed charges against a Ukrainian national who authorities allege was a key figure behind several strains of ransomware, including LockerGoga, MegaCortex, and Nefilim. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure
Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure A 30‑year‑old man has been charged with launching a cyberattack on the German subsidiary of Russia’s state-owned oil giant Rosneft. The cyberattack, which happened in March 2022 in the aftermath of Russia’s invasion of Ukraine, crippled the company’s operations and cost millions…
-
Sweden scrambles after ransomware attack puts sensitive worker data at risk
Sweden scrambles after ransomware attack puts sensitive worker data at risk Municipal government organisations across Sweden have found themselves impacted after a ransomware attack at a third-party software service supplier. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner
Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hope to the post-quantum scramble:…
-
Cephalus ransomware: What you need to know
Cephalus ransomware: What you need to know Cephalus is a relatively new ransomware operation that emerged in mid-2025, and has already been linked to a wave of high-profile data leaks. Read more about it in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Warlock ransomware: What you need to know
Warlock ransomware: What you need to know The Warlock ransomware has hit a number of organisations including government agencies and departments, and most recently UK-based telecoms firm Colt. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
TeaOnHer copies everything from Tea – including the data breaches
TeaOnHer copies everything from Tea – including the data breaches TeaOnHer hasn’t stopped at copying the functionality of the original Tea app (albeit skewed towards men rating women). It also appears to have carelessly mimicked the Tea dating advice app’s recklessness when it comes to data security. Read more in my article on the Hot…
-
Hospital fined after patient data found in street food wrappers
Hospital fined after patient data found in street food wrappers A hospital in Thailand has been fined after patient’s printed records were recycled as snack bags to hold crispy crepes. Graham Cluley Go to grahamcluley
-
Ukraine claims to have hacked secrets from Russia’s newest nuclear submarine
Ukraine claims to have hacked secrets from Russia’s newest nuclear submarine Ukraine’s Defence Intelligence agency (HUR) claims that its hackers have successfully stolen secret files and classified data on a state-of-the-art Russian nuclear submarine, the “Knyaz Pozharsky.” Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Ransomware plunges insurance company into bankruptcy
Ransomware plunges insurance company into bankruptcy Collapsed company’s founder says that its fortunes were hampered by the refusal of authorities to release the criminals’ seized funds to victims. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #428: Red flags, leaked chats, and a final farewell
Smashing Security podcast #428: Red flags, leaked chats, and a final farewell The viral women-only dating safety app Tea, built to flag red flags, gets flagged itself – after leaking over 70,000 private images and chat logs. We are talking full-on selfies, ID docs, private DMs, and a dash of 4chan creepiness. Yikes. Plus, Carole…
-
Allianz Life hit by hackers, customer and staff personal data stolen
Allianz Life hit by hackers, customer and staff personal data stolen The US insurance giant has admitted that hackers stole personal info of the “majority” of its customers and staff earlier this month. Graham Cluley Go to grahamcluley
-
French submarine secrets surface after cyber attack
French submarine secrets surface after cyber attack European defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Tea Dating Advice app spills sensitive data
Tea Dating Advice app spills sensitive data A woman’s dating app designed to enhance safety and vet potential dating partners has itself suffered a serious security breach. Graham Cluley Go to grahamcluley
-
Paddy Power and BetFair have suffered a data breach
Paddy Power and BetFair have suffered a data breach Paddy Power and BetFair have warned customers that “an unauthorised third party” gained access to “limited betting account information” relating to up to 800,000 of their customers. Graham Cluley Go to grahamcluley
-
Hunters International ransomware group shuts down – but will it regroup under a new guise?
Hunters International ransomware group shuts down – but will it regroup under a new guise? The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site. In a statement on its extortion site, the ransomware group says that it has not only “decided…
-
Catwatchful stalkerware app spills secrets of 62,000 users – including its own admin
Catwatchful stalkerware app spills secrets of 62,000 users – including its own admin Another scummy stalkerware app has spilled its guts, revealing the details of its 62,000 users – and data from thousands of victims’ infected devices. Graham Cluley Go to grahamcluley
-
Swiss government warns attackers have stolen sensitive data, after ransomware attack at Radix
Swiss government warns attackers have stolen sensitive data, after ransomware attack at Radix The Swiss government has issued a warning after a third-party service provider suffered a ransomware attack, which saw sensitive information stolen from its systems and leaked onto the dark web. Read more in my article on the Fortra blog. Graham Cluley Go…
-
BreachForums broken up? French police arrest five members of notorious cybercrime site
BreachForums broken up? French police arrest five members of notorious cybercrime site Suspected high-ranking members of one of the world’s largest online marketplaces for leaked data have been arrested by French police. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
SafePay ransomware: What you need to know
SafePay ransomware: What you need to know SafePay is a relatively new ransomware that is making a big impact. Find out how it is different from other ransomware, and read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Aflac, one of the USA’s largest insurers, is the latest to fall “under siege” to hackers
Aflac, one of the USA’s largest insurers, is the latest to fall “under siege” to hackers The Wall Street Journal reports that Aflac is investigating a breach that may have exposed claims information, health details, Social Security numbers, and other personal data. Graham Cluley Go to grahamcluley
-
Marks & Spencer ransomware attack was good news for other retailers
Marks & Spencer ransomware attack was good news for other retailers When Marks & Spencer paused online orders after it was hit by ransomware, it was bad news for them… but GOOD news for other big online retailers. Fashion rivals like Next, John Lewis, and Zara saw a nice little bump while M&S sales floundered.…
-
Krispy Kreme hack exposed sensitive data of over 160,000 people
Krispy Kreme hack exposed sensitive data of over 160,000 people Krispy Kreme, the dispenser of delectable doughnuts, has revealed that an astonishingly wide range of personal information belonging to past and present employees, as well as members of their families, was accessed by hackers during a cyber attack last year. Read more in my article…
-
Smashing Security podcast #422: The curious case of the code copier
Smashing Security podcast #422: The curious case of the code copier A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment,…
-
Bert ransomware: what you need to know
Bert ransomware: what you need to know Bert is a recently-discovered strain of ransomware that encrypts victims’ files and demands a payment for the decryption key. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers
Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of the “Smashing Security” podcast obviously. Graham explains how a Singaporean bug-hunter cracked Google’s defences and could brute-force…
-
Adidas customers’ personal information at risk after data breach
Adidas customers’ personal information at risk after data breach Lovers of Adidas clothes would be wise to be on their guard against phishing attacks, after the German sportswear giant revealed that a cyber attack had exposed the personal information of customers. Read more in my article on the Hot for Security blog. Graham Cluley Go…
-
3AM ransomware attack poses as a call from IT support to compromise networks
3AM ransomware attack poses as a call from IT support to compromise networks Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Find out how they do it in my article on the Tripwire State of Security blog.…
-
Smashing Security podcast #418: Grid failures, Instagram scams, and Legal Aid leaks
Smashing Security podcast #418: Grid failures, Instagram scams, and Legal Aid leaks In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives in the UK legal aid hack that exposed deeply personal data of society’s most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account –…
-
Prescription for disaster: Sensitive patient data leaked in Ascension breach
Prescription for disaster: Sensitive patient data leaked in Ascension breach Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Hackers hit deportation airline GlobalX, leak flight manifests, and leave an unsubtle message for “Donnie” Trump
Hackers hit deportation airline GlobalX, leak flight manifests, and leave an unsubtle message for “Donnie” Trump GlobalX Airlines, a charter airline being used by the US government for deportation flights, has been attacked by hacktivists who have made off with what they claim are detailed flight records and passenger manifests. Read more in my article…
-
LockBit ransomware gang breached, secrets exposed
LockBit ransomware gang breached, secrets exposed Oh dear, what a shame, never mind. Read more in my article on the Tripwire State of Security blog. Graham Cluley Go to grahamcluley
-
Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe
Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of “Malware or metal?”, and we wonder just happens…
-
NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attacked
NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attacked The UK’s National Cyber Security Centre (NCSC) has warned the IT helpdesks of retailers to be on their guard against bogus support calls they might receive from hackers pretending to be staff locked out of their accounts. Read more…
-
21 million employee screenshots leaked in bossware breach blunder
21 million employee screenshots leaked in bossware breach blunder If you thought only your boss was peeking at your work screen, think again. Employee-monitoring tool Work Composer has committed a jaw-dropping blunder, leaving a treasure trove of millions of workplace screenshots openly accessible on the internet with no encryption in place, and no password required.…
-
Hackers access sensitive SIM card data at South Korea’s largest telecoms company
Hackers access sensitive SIM card data at South Korea’s largest telecoms company Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customers’ SIM cards. Read more in…
-
Insurance firm Lemonade warns of breach of thousands of driving license numbers
Insurance firm Lemonade warns of breach of thousands of driving license numbers A data breach at insurance firm Lemonade left the details of thousands of drivers’ licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that…
-
RansomHouse ransomware: what you need to know
RansomHouse ransomware: what you need to know RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator’s infrastructure to extort money from victims. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Medusa ransomware gang claims to have hacked NASCAR
Medusa ransomware gang claims to have hacked NASCAR The Medusa ransomware-as-a-service (RaaS) claims to have compromised the computer systems of NASCAR, the United States’ National Association for Stock Car Auto Racing, and made off with more than 1TB of data. Read more in my article on the Hot for Security blog. Graham Cluley Go to…
-
King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors
King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley