Cianan Brennan reports: Dublin’s Education and Training Board (CDETB) has been fined €125,000 by the Data Protection Commission after the personal details of 13,000 grant applicants were made available to “unauthorised persons”. The commission concluded after a six-year investigation that the ETB had breached GDPR in multiple ways by both failing to ensure sufficient security…
Category: Non-U.S.
Four REvil ransomware members released after time served on carding charges
Sergiu Gatlan reports: Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. As they confirmed, Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev were involved in the Revil gang’s carding activities between October 2015 and January 2022, according…
Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
NL Times reports: On Monday morning, an online service used by Dutch municipalities and provinces to publish official documents was likely targeted by a digital attack, De Telegraaf reported. This has made web pages containing council and provincial council documents from regions such as Zuid-Holland and Overijssel, and cities including The Hague, Den Bosch, and Delft, difficult…
Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
Resecurity reports: Today (June 22, 2025) — the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of the major sports events in the Kingdom. The stolen data has been leaked in the form of SQL dumps – the actors gained unauthorized access to phpMyAdmin…
UK: Oxford City Council still investigating cyberattack from earlier this month
The home page of Oxford City Council displays an alert: “Disruption to ICT systems and services: We have been experiencing issues with some of our services following a cyber security incident. Most systems are now back online. Thank you for your patience as we work through any backlogs.” The full notice indicates that they experienced…
Hospital cyberattack investigation complete, no formal review needed (1)
Paul Pedro reports a follow-up to the massive ransomware attack on Ontario hospitals via an attack on TransForm by the Daixin threat actors: The Information and Privacy Commissioner of Ontario (IPC) has completed a review into a massive cyberattack on five regional hospitals in 2023 and found hospital officials acted “adequately.” But in its decision,…