On July 13, DataBreaches reported that the Stormous gang claimed to have exfiltrated 600,000 patients’ records from North Country Healthcare (NCH) in Arizona. At the time they provided a small sample of records in .csv format and indicated that they were going to leak 100,000 records for free and sell the other 500,000 records. Because…
Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
When Website Planet emailed me about an unencrypted and non-password-protected database containing 1,115,061 records with 2.49 GB of sensitive information from an adoption agency, the name Gladney Adoption Center rang a bell. I had seen that name before in the context of a data security incident. Reading the findings by Jeremiah Fowler, I was struck…
Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies
Cameron John Wagenius, 21, a former Army soldier most recently stationed in Texas, pleaded guilty on July 15 to conspiring to hack into telecommunications companies’ databases, access sensitive records, and extort telecommunications companies by threatening to release the stolen data unless ransoms were paid. According to court documents, between April 2023 and Dec. 18, 2024,…
DOGE Denizen Marko Elez Leaked API Key for xAI
Brian Krebs reports: Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez…
Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
PA News Agency reports: Four young people who were arrested for their suspected involvement in the damaging cyber attacks against Marks & Spencer, the Co-op and Harrods, have been bailed. The arrests on July 10 included a 17-year-old British man from the West Midlands, a 19-year-old Latvian man from the West Midlands, a 19-year-old British…
RansomedVC is back — and is still attacking its competitors
On July 9, RansomedVC reappeared, temporarily referring to itself as “RebornVC,” but quickly reverting to its better-known identity. Its first two victims were listed as SnapAV/Resideo (Snap One) in the U.S. and Unyleya in Brazil. No proof of claims was offered for either listing, and no deadlines were posted, but Snap One had a price…