Tim Toole reports: A ransomware attack on Business Systems House (BSH), a Middle Eastern partner of payroll provider ADP, led to Broadcom employee data theft in September 2024. Data was leaked online in December, but Broadcom wasn’t informed until May 2025. The El Dorado ransomware group claimed responsibility for the breach, which occurred as Broadcom…
Anne Arundel ransomware attack compromised confidential health data, county says
Alex Mann reports: A February cyberattack compromised confidential data of patients who received care from the Anne Arundel County Department of Health, officials said. For the first time Thursday, county officials offered greater detail about the breach that temporarily closed county government buildings and disrupted several services for residents. Officials said in a news release that the…
Australian national known as “DR32” sentenced in U.S. federal court
In a somewhat surpising turn of events, the Australian hacker known as “DR32” learned his sentence in a Colorado federal court this week. It was not the sentence most people might have expected. David Kee Crees, a 26 year-old Australian, who had also been known online as “Abdilo,” “Notavirus,” “Surivaton”, and “Grey Hat Mafia’s Bitch,”…
Alabama Man Sentenced to 14 Months in Connection with Securities and Exchange Commission X Hack that Spiked Bitcoin Prices
There’s an update to a previously reported case from the Department of Justice: WASHINGTON – An Alabama man was sentenced today to 14 months in prison and three years of supervised release for his role in the unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) social media account on X, formerly known as…
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
Alexander Martin reports: Japan on Friday enacted a new law that would permit the country’s authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage. The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal…
Breachforums Boss “Pompompurin” to Pay $700k in Healthcare Breach
There’s an update to breach previously reported here in 2023. Brian Krebs reports: In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in…