A recent survey of 500 U.S. law firms by Proton reported that one in five law firms were targeted in a cyberattack in the past year, and 8% of law firms (39% of those who reported a cyberattack) reported losing data or suffering exposure. To make matters even worse, Proton found that 65% weren’t familiar with…
Category: Of Note
Hunters International to provide free decryptors for all victims as they shut down (2)
At the beginning of 2025, it appeared that Hunters International was abandoning encrypting victims and was re-branding as World Leaks. But Hunters kept updating their leak site with new encryption incidents instead of going extortion-only and becoming World Leaks. A World Leaks spokesperson subsequently informed DataBreaches that they had parted company with Hunters International over…
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
Ravie Lakshmanan reports: Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD), also…
Bolton Walk-In Clinic patient data leak locked down (finally!)
Finally, finally, FINALLY: exposed patient files from the Bolton Walk-In Clinic in Ontario have been secured. Now that the data is locked down, we can reveal more details about a seriously frustrating data leak that remained unsecured for at least 10 months while the clinic ignored all our notifications and alerts. It’s a story that…
Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings…
British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
“IntelBroker” was arrested in France in February, 2025, but news of his arrest was first disclosed today by French authorities. Now the U.S. is revealing its charges against him as they seek his extradition from France. From the U.S. Attorney’s Office for the Southern District of New York, this press release: Kai West, a British…