united states
US charges five linked to Scattered Spider cybercrime gang
The U.S. Justice Department has charged five suspects believed to be part of the financially motivated Scattered Spider cybercrime gang with conspiracy to commit wire fraud. Between September 2021 and April 2023, they were able to steal millions from cryptocurrency wallets using victims’ credentials stolen in SMS phishing attacks targeting dozens of targets, including both individuals […]
US space tech giant Maxar discloses employee data breach
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. The threat actor compromised the company network about a week before the discovery of the intrusion. Immediately after discovering the unauthorized access, the company took action to prevent the hackers […]
US charges Phobos ransomware admin after South Korea extradition
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) widely distributed through many affiliates. Between May 2024 and November 2024, it accounted for roughly 11% of all […]
Hacker gets 10 years in prison for extorting US healthcare provider
Robert Purbeck, a 45-year-old man from Idaho, has been sentenced to ten years in prison for hacking at least 19 organizations in the United States, stealing the personal data of more than 132,000 people, and multiple extortion attempts. As showcased in the indictment, prosecutors linked multiple data theft and blackmail incidents to Purbeck (also known online […]
HIBP notifies 57 million people of Hot Topic data breach
Have I Been Pwned warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers. Hot Topic is an American retail chain specializing in counterculture-related clothing, accessories, and licensed music merchandise. The company operates over 640 stores across the United States and Canada, primarily located […]
Washington courts’ systems offline following weekend cyberattack
Court systems across Washington state have been down since Sunday when officials said “unauthorized activity” was detected on their networks. This ongoing data system outage affects all state courts’ judicial information systems, websites, and associated services. According to statements from affected state courts, the Administrative Office of the Courts (AOC) acted quickly after discovering the […]
Fidelity Investments says data breach affects over 77,000 people
Fidelity Investments, a Boston-based multinational financial services company, disclosed that the personal information of over 77,000 customers was exposed after its systems were breached in August. As one of the largest asset managers in the world, with $14.1 trillion in assets under administration and $5.5 trillion under management, Fidelity employs over 75,000 associates across 11 countries in […]
American Water shuts down online services after cyberattack
American Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday cyberattack. In a filing with the U.S. Securities and Exchange Commission (SEC), American Water said it has already hired third-party cybersecurity experts to help contain and assess the incident’s impact. It […]
Iranian hackers charged for ‘hack-and-leak’ plot to influence election
The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a “hack-and-leak” campaign that aimed to influence the 2024 U.S. presidential election. Iranian nationals Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi worked for Iran’s Islamic Revolutionary Guard Corps (IRGC) to hack the accounts of current and former U.S. officials, individuals linked […]
US cracks down on spyware vendor Intellexa with more sanctions
Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware. Intellexa Consortium is a network of decentralized companies that developed and sold highly intrusive spyware products marketed under the “Predator” brand. Predator spyware has allowed Intellexa customers worldwide — mostly […]