Sean Adams reports: York County officials have released a warning to residents that a “data privacy event” might have put their information at risk. County officials shared that “in early 2025, the county was notified of a possible data security incident” involving a vendor working with them. An employee of that vendor had been hired…
FTC Finalizes Order with GoDaddy over Data Security Failures
The Federal Trade Commission has finalized an order with GoDaddy settling allegations that the webhosting provider misled consumers by failing to implement data security protections, which led to several data breaches. The FTC alleged in January 2025 that despite claiming it provides “award-winning security,” GoDaddy failed to implement standard data security tools and practices to protect customers’…
Hacker steals $223 million in Cetus Protocol cryptocurrency heist
Bill Toulas reports: The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned. The project also announced a $5 million bounty to anyone providing relevant information leading to the identification and arrest of the attacker. Cetus…
Operation ENDGAME strikes again: the ransomware kill chain broken at its source
From Europol: Cybercriminals around the world have suffered a major disruption after law enforcement and judicial authorities, coordinated by Europol and Eurojust, dismantled key infrastructure behind the malware used to launch ransomware attacks. From 19 to 22 May, authorities took down some 300 servers worldwide, neutralised 650 domains, and issued international arrest warrants against 20…
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
Matt Burgess and Lily Hay Newman report: The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Facebook, and Google logins and credentials for accounts connected to multiple governments—underscores the risks…
Mysterious hacking group Careto was run by the Spanish government, sources say
Lorenzo Franceschi-Bicchierai reports: More than a decade ago, researchers at antivirus company Kaspersky identified suspicious internet traffic of what they thought was a known government-backed group, based on similar targeting and its phishing techniques. Soon, the researchers realized they had found a much more advanced hacking operation that was targeting the Cuban government, among others….