Commentaries and Analyses – DataBreaches.Net

Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”

Posted on June 14, 2025 by Dissent

Claims of “negligence” are often raised in lawsuits. DataBreaches is not a lawyer, of course, but wonders whether by now, we should consider a plastic surgeon “negligent” in their data security if they store nude photos of their patients with patient names and identity information in plain text and no strong encryption or suitable alternative…

A guilty plea in the PowerSchool case still leaves unanswered questions

Posted on June 12, 2025June 12, 2025 by Dissent

On June 6, 19-year-old Matthew D. Lane pleaded guilty in federal court in Massachusetts to one count each of conspiracy to commit cyber extortion, cyber extortion, unauthorized access to protected computers, and aggravated identity theft. The first two charges were related to an unnamed telecom company identified as “Victim 1.” The third and fourth charges…

Dutch police identify users on Cracked.io

Posted on June 11, 2025 by Dissent

Excerpts from a press release today by the Dutch Police after several investigations by the Cybercrime Team of the Zeeland-West-Brabant unit revealed that suspects had an account on the Cracked.io platform. Dutch police, in collaboration with other countries involved in Europol, were able to secure and take down servers and identify individual users. Ultimately, 126 individual…

Resource: Insider Threat reports

Posted on June 9, 2025 by Dissent

On a daily or weekly basis, DataBreaches highlights insider wrongdoing incidents and the harm they can cause. For more comprehensive compilation and analysis of the topic, readers may be interested in the Insider Threat Incidents For May 2025 report produced by the National Insider Threat Special Interest Group and Insider Threat Defense Group. Their previous…

Za: Cyber extortionist sentenced to eight years in jail

Posted on June 9, 2025 by Dissent

Admire Moyo reports on an insider wrongdoing case in South Africa: In a landmark case, a man was last week sentenced to eight years in jail for contravening South Africa’s Cyber Crimes Act. Lucky Majangandile Erasmus (36), a former employee of Ecentric Payment Systems, was sentenced by the Specialised Commercial Crimes Court after entering into…

Hearing on the Federal Government and AI

Posted on June 8, 2025June 8, 2025 by Dissent

Bruce Schneier writes: On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled “The Federal Government in the Age of Artificial Intelligence.” The other speakers mostly talked about how cool AI was—and sometimes about how cool their own company was—but I was asked by the Democrats to specifically…