A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce.
The loosely organized group, which has been known as Lapsus$, Scattered Spider, and ShinyHunters, has published a dedicated data leak site on the dark web, called Scattered LAPSUS$ Hunters. The website, first spotted by threat intelligence researchers on Friday and seen by TechCrunch, aims to pressure victims into paying the hackers to avoid having their stolen data published online.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK: NHS software provider fined £3m over data breach after ransomware attack
March 27, 2025
An NHS software provider has been fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS. The Advanced Computer Software Group was fined for a breach that put personal information of 79,404 people at risk, the UK’s data protection watchdog said. The firm provides IT and ...
- UK MoD probes security breach after documents relating to Catterick Garrison found dumped in street
March 26, 2025
The Ministry of Defence is investigating after a cache of documents containing sensitive military information was found discarded in the street. The papers, some marked “official – sensitive”, were discovered spilling out of a black bin bag in the Scotswood area of Newcastle on March 16 . The BBC reported that they include details about soldiers’ ...
- Australia: Identity of hacker behind NSW court website data breach unknown
March 26, 2025
Authorities say they do not know who is behind a data breach at the NSW Department of Communities and Justice (DCJ) in which thousands of sensitive files were accessed. NSW government officials confirmed about 9,000 sensitive court files, including domestic violence orders and affidavits, were accessed from the NSW Online Reigstry last week. Attorney-General Michael Daley ...
- 23andMe is looking to sell customers’ genetic data, here’s how to delete it
March 25, 2025
Many 23andMe customers signed up to the genetic testing service in hopes of learning fun or interesting information about their past. But consumer advocates are now urging those users to request the deletion of their accounts and data from the site, to prevent their genetic information from ending up in unexpected hands. San Francisco-based 23andMe filed ...
- Oracle Cloud says it’s not true someone broke into its login servers and stole data
March 23, 2025
Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen. A crook late last week advertised on an online cyber-crime forum what was alleged to be Oracle Cloud customer security keys and other sensitive data swiped from the IT giant. This material was said to have ...
- Longtime FBI agent charged with disclosing classified records
March 20, 2025
A longtime FBI agent has been charged with unlawfully taking and disclosing classified FBI files, according to court records reviewed by CBS News. Johnathan Buma, who specialized in national security and terror cases, has been released on $100,000 bond, with orders to appear in court in Los Angeles. Buma was arrested as he boarded an international ...