An international cybercrime operation targeting phishing, malware and ransomware has taken down more than 45,000 malicious IP addresses and servers. Law enforcement from 72 countries and territories took part in Operation Synergia III (18 July 2025 – 31 January 2026), coordinated by INTERPOL. The operation led to the arrest of 94 people, with another 110…
The Broken Records: tracing the human cost of the 2022 British MoD leak
Harvey Depledge-Kittle writes: In February 2022, a Ministry of Defence data breach exposed sensitive personal information relating to approximately 18,700 Afghan nationals who had assisted UK forces and applied for protection. The breach was not publicly disclosed for nearly two years. From September 2023, a High Court super-injunction prohibited reporting on the breach and, initially,…
Telus Digital confirms breach after ShinyHunters claims 1 petabyte data theft
Lawrence Abrams reports: Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. Telus Digital is the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, providing customer support,…
China’s CERT warns OpenClaw can inflict nasty wounds
Simon Sharwood reports: China’s National Computer Network Emergency Response Technical Team has warned locals that the OpenClaw agentic AI tool poses significant security risks. In a Tuesday post to its WeChat account, the CERT warned that OpenClaw has “extremely weak default security configuration” and must therefore be handled with extreme care. The CERT is worried that attackers…
Bell Ambulance data breach impacted over 238,000 people
Pierluigi Paganini reports: Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers, and non-emergency transport, focusing on patient safety and timely care. On February 13,…
Lotte Card fined 9.6 billion won for leaking users’ social registration numbers
Korea JoongAng Daily reports: Lotte Card was fined 9.6 billion won ($6.5 million) by the Personal Information Protection Commission (PIPC) after 450,000 users’ social registration numbers were leaked. The PIPC decided to impose an administrative fine of 9.62 billion won and a penalty of 4.8 million won on Lotte Card for violations of the Personal Information…