Just days after prosecutors in the Eastern District of Virginia recommended that Conor Fitzpatrick, aka “Pompompurin,” be sentenced to at least 15 years in prison, District Judge Leonie M. Brinkema sentenced him to time served and supervised release. As DataBreaches previously reported, Fitzpatrick, the owner of the first BreachedForums site, pleaded guilty in July to…
Category: Hack
Patient data hacked at Canberra medical centre
Steve Evans, and Lanie Tindale report: Hackers have broken into the medical records at Crace Medical Centre. An announcement to patients said: “unfortunately, our investigations have identified that patient data was accessed and taken from our systems by an unauthorised third party”. The hack happened on December 12 but patients were only texted early afternoon…
Cyberattack on Ukraine’s Kyivstar will cost parent Veon almost $100 million in sales
Reuters reports: Veon, the parent company of Ukraine’s largest mobile operator Kyivstar, will take a hit of around 3.6 billion hryvnias ($95 million) in revenue in 2024 due to a massive cyberattack in December, the Dutch telecoms group estimated on Thursday. The estimated lost revenue is associated with measures Kyivstar has taken to compensate customers…
Inside the Massive Naz.API Credential Stuffing List
Troy Hunt writes: It feels like not a week goes by without someone sending me yet another credential stuffing list. It’s usually something to the effect of “hey, have you seen the Spotify breach”, to which I politely reply with a link to my old No, Spotify Wasn’t Hacked blog post (it’s just the output of a…
Ransomware attack targets global Lutheran group
YLE reports: The Lutheran World Federation (LWF) has fallen victim to cyber extortion, Finnish news agency STT reports on Sunday. The Finnish Evangelical Lutheran Church is one of the largest members of the LWF, a global Lutheran organisation. Earlier this month perpetrators carried out ransomware attacks on the federation and released screenshots of the captured…
Fred Hutch failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
On December 28, DataBreaches published snippets from a chat with a threat actor (TA) who claimed to have involvement with both the Fred Hutch cyberattack and the Integris cyberattack. In the course of that exchange, the TA surprised DataBreaches by claiming that they had threatened Fred Hutch with swatting patients. From DataBreaches’ previous reporting: “So…