Update: And this, kids, is why we always say entities shouldn’t rush to claim they weren’t hacked. Bleeping Computer was able to validate some of the hackers’ claims. See their report, Penn hacker claims to have stolen 1.2 million donor records in data breach. Original report below the separator. Frederick Sutton Sinclair of CBS reports: The…
Veradigm’s Breach Claims Under Scrutiny After Dark Web Leak
Veradigm LLC is a health information technology company that provides software solutions to healthcare providers. On September 22, 2025, Veradigm filed breach notification letters with some state attorneys general. According to the notice, Veradigm learned that an unauthorized party accessed some clients’ data on December 15, 2024. The clients’ data was located in a storage…
Russian Police Bust Suspected Meduza Infostealer Developers
Mathew J. Schwartz reports: Russian police arrested “three young IT specialists” suspected of developing and selling the Meduza credential-harvesting malware. Authorities from the Ministry of Internal Affairs of Russia, together with police investigators, charged the men with developing and supplying the information-stealing malware, and tied it to an attack that breached and stole data from…
Massive Great Firewall Leak Exposes 500GB of Censorship Data
Mathura Kayir reports: In a historic breach of China’s censorship infrastructure, over 500 gigabytes of internal data were leaked from Chinese infrastructure firms associated with the Great Firewall (GFW) in September 2025. Researchers now estimate the full dump is closer to approximately 600 GB, with a single archive comprising around 500 GB alone. The material…
UK: Woman charged after NHS patients’ records accessed in data breach
Today’s reminder of the insider threat comes to us from the National Health Service in the U.K. Craig Meighan and Billy Gaddi report: A woman has been charged after Scots patients had their private medical records accessed during an NHS data breach. Reports suggest around 100 patients in NHS Lothian could have had their records…
Landmark civil penalty of AU$5.8 million issued under Australia’s Privacy Act
Charmian Aw, Melissa B. Levine, and Ciara O’Leary of Hogan Lovells write: On 9 October 2025 the Federal Court of Australia (the Court) imposed an AU$5.8 million civil penalty on Australian Clinical Labs Limited, one of Australia’s largest private hospital pathology service providers (the Company), for systemic failures that led to the unauthorised access to…