Data Theft
DragonForce ransomware abuses SimpleHelp in MSP supply chain attack
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers’ systems. Sophos was brought in to investigate the attack and believe the threat actors exploited a chain of older SimpleHelp vulnerabilities tracked as CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 to […]
PowerSchool hacker pleads guilty to student data extortion scheme
A 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for not leaking the personal data of millions of students and teachers. According to the U.S. Department of Justice, Matthew D. Lane pleaded guilty to four federal charges of one count […]
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. The company said it would not pay the ransom but would establish a $20 million reward fund for any leads that could […]
M&S says customer data stolen in cyberattack, forces password resets
Marks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. The attack occurred on April 22, 2025, significantly impacting business operations on the retailer’s 1,400 stores, forcing it to stop accepting online orders. GeekFeed first revealed that the attacks were conducted by DragonForce ransomware affiliates utilizing Scattered […]
Ascension says recent data breach affects over 430,000 patients
Ascension, one of the largest private healthcare systems in the United States, has revealed that the personal and healthcare information of over 430,000 patients was exposed in a data breach disclosed last month. As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted […]
Google links new LostKeys data theft malware to Russian cyberspies
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia’s Federal Security Service (FSB), the country’s counterintelligence and internal security service. […]
Luna Moth extortion hackers pose as IT help desks to breach US firms
The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. According to EclecticIQ researcher Arda Büyükkaya, the ultimate goal of these attacks is data theft and extortion. Luna Moth, known internally as Silent Ransom Group, are […]
Hertz confirms customer info, drivers’ licenses stolen in data breach
Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. “On February 10, 2025, we confirmed that Hertz data was acquired by an unauthorized third party that we understand exploited zero-day vulnerabilities within Cleo’s platform […]
Govtech giant Conduent confirms client data stolen in January cyberattack
American business services giant and government contractor Conduent disclosed today that client data was stolen in a January 2025 cyberattack. Conduent is a business services company that provides digital platforms and solutions for government and commercial clients in transportation, healthcare, customer experience, and human resources. The company has over 33,000 employees and provides services to […]
Sensata Technologies hit by ransomware attack impacting operations
Sensata Technologies (known as Sensata) has suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations. In an 8-K filing to the U.S. Securities and Exchange Commission (SEC), Sensata says that the attack occurred on Sunday, April 6, and involved data theft, too. “The incident has temporarily impacted Sensata’s operations, […]