Paging the Federal Trade Commission to Aisle 5…. The Federal Trade Commission has repeatedly emphasized the importance of having a mechanism in place to receive data security alerts or concerns. American Income Life Insurance (“AILife”), headquartered in Waco, Texas, does not provide such information on its home page or anywhere else on the site that…
Author: Dissent
NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT
Ry Crozier brings us today’s installment of the “No Need to Hack When It’s Leaking” Files The victims of the breach are applicants to the Northern Rivers Resilient Homes Program, under which the government is offering to either buy back flood-prone homes, contribute to the cost of rebuilding, or to improve resilience such as by elevating…
Update on the emerging CL0P extortion campaign targeting Oracle E-Business Suite
UPDATE: On the emerging CL0P extortion campaign targeting Oracle E-Business Suite (EBS) customers, we can now confirm the actor likely exploited a zero-day vulnerability (CVE-2025-61882) to steal data. Here are the critical updates: ➡️ Confirmed Data Exfiltration: We’ve confirmed the actor successfully exfiltrated large volumes of data from victim environments in August 2025. During negotiations,…
Just days before its data might be leaked, Qantas Airways obtained a permanent injunction
In July, DataBreaches reported that Qantas had obtained a preliminary injunction prohibiting the publication of any customer data stolen from it in a cyberattack by “persons unknown.” Those defendants were served with the injunction via email and online means. Although Qantas did not reveal who signed the ransom note, ShinyHunters and Scattered Spider didn’t hesitate…
PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom
As noted on Reddit, PowerSchool appears to have been one of many victims of the Salesloft Drift/Salesforce campaign by Scattered LAPSUS$ Hunters. Like many other victims, PowerSchool did not disclose the incident publicly, but they did, however, post a notice in their closed users group. The notice was removed shortly thereafter, and several people have…
More Salesforce customer attacks revealed in new leak site by Scattered LAPSUS$ Hunters (1)
In their newest escalation of activities since saying “goodbye” and then determinedly trying to create more chaos on Telegram. the Scattered LAPSUS$ Hunters collective (for lack of a better word right now), has opened up a leak site in both clear net and onion versions. In its debut, the group has targeted Salesforce, and is…