Oluwapelumi Adejumo@CryptoSlate
//
Cryptocurrency exchange Bybit has confirmed a record-breaking theft of approximately $1.46 billion in digital assets from one of its offline Ethereum wallets. The attack, which occurred on Friday, is believed to be the largest crypto heist on record. Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets.
The theft targeted an Ethereum cold wallet, involving a manipulation of a transaction from the cold wallet to a warm wallet. This allowed the attacker to gain control and transfer the funds to an unidentified address. The incident highlights the rising trend of cryptocurrency heists, driven by the allure of profits and challenges in tracing such crimes.
References :
- www.techmeme.com: ZachXBT: crypto exchange Bybit has experienced $1.46B worth of "suspicious outflows"; Bybit CEO confirms hacker took control of cold ETH wallet
- CryptoSlate: The crypto exchange ByBit has been hacked, and roughly $1.5 billion in Ethereum (ETH) has been stolen — making this one of the biggest hacks in history.
- infosec.exchange: NEW: Crypto exchange Bybit said it was hacked and suffered a loss of around $1.4 billion (~401,346 ETH) at the time of the hack.
- PCMag UK security: The Bybit exchange lost 400,000 in ETH, or about $1.4 billion, before the price began to slide, making it the biggest crypto-related hack in history.
- techcrunch.com: TechCrunch reports on the Bybit hack, disclosing a loss of approximately $1.4 billion in Ethereum.
- ciso2ciso.com: In a major cybersecurity incident, Bybit, the world’s 2nd-largest crypto exchange suffered a $1.4 billion ETH hack from a cold wallet breach.
- ciso2ciso.com: Bybit Hack: $1.4B Stolen from World’s 2nd Largest Crypto Exchange – Source:hackread.com
- cryptoslate.com: ByBit suffers $1.5 billion Ethereum heist in cold wallet breach
- www.coindesk.com: Bybit experiences USD1.46B in suspicious outflows
- BleepingComputer: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- The Cryptonomist: 3 Best Bybit Alternatives As Top CEX Is Hacked
- Gulf Business: ‘Worst hack in history’: Dubai crypto exchange Bybit suffers $1.5bn ether heist
- Anonymous: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- www.bleepingcomputer.com: Hacker steals record $1.46 billion in ETH from Bybit cold wallet
- Techmeme: Bybit Loses $1.5B in Hack but Can Cover Loss, CEO Confirms (Oliver Knight/CoinDesk)
- Report Boom: Report on the Bybit crypto heist, detailing the incident and security recommendations.
- thehackernews.com: Report on the Bybit hack, highlighting the scale of the theft and its implications.
- reportboom.com: Reportboom article about Bybit's $1.46B Crypto Heist.
- www.it-daily.net: Bybit hacked: record theft of 1.5 billion US dollars
- Protos: News about the Bybit cryptocurrency exchange being hacked for over $1.4 billion.
- The420.in: On Friday, cryptocurrency exchange Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets from one of its offline Ethereum wallets—the largest crypto heist on record.
- TechSpot: The hackers stole the crypto from Bybit's cold wallet, an offline storage system.
- Talkback Resources: Crypto exchange Bybit was targeted in a $1.46 billion theft by the Lazarus Group, highlighting the rising trend of cryptocurrency heists driven by the allure of profits and challenges in tracing such crimes.
- www.bleepingcomputer.com: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- www.the420.in: The420.in: Biggest Crypto Heist Ever: Bybit Loses Rs 12,000+ Crore in Sophisticated Ethereum Wallet Attack!
- www.cnbc.com: This report discusses the Bybit hack, detailing the amount stolen and the potential impact on the crypto market.
- www.engadget.com: This news piece reports on the massive crypto heist from Bybit, highlighting the scale of the incident and the impact on the crypto market.
- Techmeme: Arkham says ZachXBT submitted proof that North Korea's Lazarus Group is behind Bybit's $1.5B hack, which is the largest single theft in crypto history
- BrianKrebs: Infosec exchange post describing Bybit breach.
- Talkback Resources: Bybit cryptocurrency exchange suffered a cyberattack resulting in the theft of $1.5 billion worth of digital currency, including over 400,000 ETH and stETH, with potential vulnerabilities in the Safe.global platform's user interface exploited.
- securityaffairs.com: SecurityAffairs reports Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever.
- gulfbusiness.com: ‘Worst hack in history’: Dubai crypto exchange Bybit suffers $1.5bn ether heist
- techcrunch.com: Crypto exchange Bybit says it was hacked and lost around $1.4B
- Tekedia: The cryptocurrency industry has been rocked by what is now considered the largest digital asset theft in history, as Bybit, a leading crypto exchange, confirmed on Friday that hackers stole approximately $1.4 billion worth of Ethereum (ETH) from one of its offline wallets.
- blog.checkpoint.com: What the Bybit Hack Means for Crypto Security and the Future of Multisig Protection
- Dan Goodin: Crypto exchange Bybit said it was hacked and suffered a loss of around $1.4 billion (~401,346 ETH) at the time of the hack.
- BleepingComputer: Crypto exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- Security Boulevard: North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto
- bsky.app: Elliptic is following the money on this ByBit hack - the biggest theft of all time. “Within 2 hours of the theft, the stolen funds were sent to 50 different wallets, each holding approximately 10,000 ETH. These are now being systematically emptied”.
- Talkback Resources: Talkback Post about the $1.5B Bybit Hack: The Era of Operational Security Failures Has Arrived
- infosec.exchange: Reports that North Korean hackers stole $1.4 billion in crypto from Bybit.
- securityboulevard.com: North Korea's notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market's history.
- billatnapier.medium.com: One of the Largest Hacks Ever? But Will The Hackers Be Able To Launder The Gains?
- thecyberexpress.com: thecyberexpress.com - Details on Bybit Cyberattack.
- Matthew Rosenquist: This may turn out to be the biggest hack in history! $1.5 BILLION.
- PCMag UK security: The $1.4 billion at Bybit—the largest known cryptocurrency heist in history—has been traced to the notorious Lazarus North Korean hacking group.
- www.nbcnews.com: Hackers steal $1.5 billion from exchange Bybit in biggest-ever crypto heist: Blockchain analysis firm Elliptic later linked the attack to North Korea’s Lazarus Group, a state-sponsored hacking collective
- www.pcmag.com: Researchers spot the $1.4 billion stolen from Bybit moving through cryptocurrency wallets that were used in earlier heists attributed to North Korea's Lazarus hacking group.
- siliconangle.com: $1.5B in cryptocurrency stolen from Bybit in attack linked to North Korean hackers
- www.americanbanker.com: Nearly $1.5 billion in tokens lost in Bybit crypto exchange hack
- SiliconANGLE: SiliconAngle reports on the details of the Bybit hack and links it to North Korean hackers.
- techcrunch.com: TechCrunch reports on the massive crypto heist, citing research that points to North Korean hackers as perpetrators.
- OODAloop: Reports that North Korea’s Lazarus Group APT is Behind Largest Crypto Heist Ever
- Be3: Looming Shadows: $1.5 Billion Crypto Heist Shakes Confidence in Security Measures
- Schneier on Security: Schneier on Security covers the North Korean Hackers Stealing $1.5B in Cryptocurrency.
- Dataconomy: How the Bybit hack shook the crypto world: $1.5B gone overnight
- be3.sk: Looming Shadows: $1.5 Billion Crypto Heist Shakes Confidence in Security Measures
- Risky Business: Risky Business #781 -- How Bybit oopsied $1.4bn
- cyberriskleaders.com: Bybit, a leading exchange, was hacked for USD1.4 billion in Ethereum and staked Ethereum, sending shockwaves through the digital asset community.
- www.csoonline.com: Independent investigation finds connections to the Lazarus Group.
- Cybercrime Magazine: Bybit suffers the largest crypto hack in history
- www.theguardian.com: Cyberattackers believed to be affiliated with the state-sponsored threat group pulled off the largest crypto heist reported to date, stealing $1.5 billion from exchange Bybit.
- bsky.app: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- Sergiu Gatlan: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- SecureWorld News: SecureWorld reports on the Bybit hack, attributing it to the Lazarus Group.
- OODAloop: The Largest Theft in History – Following the Money Trail from the Bybit Hack
- gbhackers.com: Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
- Secure Bulletin: The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has once again demonstrated its sophistication and audacity with a staggering $1.5 billion cryptocurrency heist targeting Bybit, a major crypto exchange.
- Talkback Resources: THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma [mal]
- infosec.exchange: NEW: Hacked crypto exchange Bybit is offering $140 million in bounties to anyone who can help locate and freeze the stolen ethereum.
- CyberInsider: Record $1.5 billion Bybit hack undermines trust in crypto security
- The Register - Security: Cryptocurrency exchange Bybit, just days after suspected North Korean operatives stole $1.5 billion in Ethereum from it, has launched a bounty program to help recover its funds.
- PCMag UK security: The malicious Javascript code used in the attack could secretly modify transactions for Safe{Wallet}, a cryptocurrency wallet provider. The suspected North Korean hackers who stole $1.4 billion in cryptocurrency from Bybit pulled off the heist by infiltrating a digital wallet provider and tampering with its software.
- techcrunch.com: Last week, hackers stole around $1.4 billion in Ethereum cryptocurrency from crypto exchange Bybit, believed to be the largest crypto heist in history. Now the company is offering a total of $140 million in bounties for anyone who can help trace and freeze the stolen funds. Bybit’s CEO and
- securityaffairs.com: The FBI confirmed that North Korea is responsible for the record-breaking cyber heist at the crypto exchange Bybit.
- The Register - Security: The FBI has officially accused North Korea's Lazarus Group of stealing $1.5 billion in Ethereum from crypto-exchange Bybit earlier this month, and asked for help tracking down the stolen funds.
- techcrunch.com: The FBI said the North Korean government is ‘responsible’ for the hack at crypto exchange Bybit, which resulted in the theft of more than $1.4 billion in Ethereum cryptocurrency.
- Talkback Resources: FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge [net] [mal]
- PCMag UK security: FBI Blames North Korea for Massive $1.4 Billion Cryptocurrency Heist
- The420.in: Rs 1.27 trillion Stolen: Bybit Joins the Ranks of Crypto’s Largest Thefts – Full List Inside
- Talkback Resources: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers [mal]
- Tekedia: Bybit Declares War on “Notorious” Lazarus Group After $1.4B Hack, Offers $140m Reward
- SecureWorld News: The FBI officially attributed the massive to North Korea's state-sponsored hacking group, TraderTraitor, more commonly known as the infamous Lazarus Group.
- ChinaTechNews.com: North Korea was behind the theft of approximately $1.5bn in virtual assets from a cryptocurrency exchange, the FBI has said, in what is being described as the biggest heist in history.
- Wallarm: Lab Wallarm discusses how Bybit’s Real-Time Blacklisting Is Thwarting a $1.5B Crypto Heist
- iHLS: Cryptocurrency exchange Bybit became the latest victim of a major cyberattack, marking what appears to be the largest crypto hack in history.
- thehackernews.com: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
- www.pcmag.com: FBI Blames North Korea for Massive $1.4 Billion Cryptocurrency Heist
- Dan Goodin: InfoSec Exchange Post on the FBI attribution to the Lazarus group and Bybit hack
Titiksha Srivastav@The420.in
//
Lee Enterprises, a major American media company with over 75 publications, has confirmed a ransomware attack that has disrupted operations across its network. The notorious Qilin ransomware gang has claimed responsibility for the February 3rd attack, alleging the theft of 350GB of sensitive data. This stolen data purportedly includes investor records, financial arrangements, payments to journalists and publishers, funding for tailored news stories, and even approaches to obtaining insider information. The cyberattack has resulted in widespread outages, significantly impacting the distribution of printed newspapers, subscription services, and internal business operations.
The attack has caused delays in the distribution of print publications and has partially limited online operations. Lee Enterprises anticipates a phased recovery over the next several weeks and has implemented temporary measures, including manual processing of transactions. The company has also launched a forensic investigation to determine the full extent of the breach. The Qilin ransomware group's actions have brought attention to the increasing threat facing media organizations and the importance of robust cybersecurity measures to protect sensitive information and maintain operational integrity.
References :
- securityaffairs.com: SecurityAffairs: Qilin ransomware gang claimed responsibility for the Lee Enterprises attack
- www.cysecurity.news: CySecurity News: Lee Enterprises Faces Prolonged Ransomware Attack Disrupting Newspaper Operations
- The420.in: The420.in: American Media Group Hit by Cyber Attack, 75 Newspapers Disrupted & Informers’ Data Leaked
- bsky.app: The Qilin ransomware gang has claimed responsibility for the attack at Lee Enterprises that disrupted operations on February 3, leaking samples of data they claim was stolen from the company.
- Information Security Buzz: Qilin Claims Lee Enterprises Ransomware Attack
- securityaffairs.com: The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises, Inc. is a publicly traded American media company. It publishes 79 newspapers in 25 states, and more than
- CyberInsider: Reports that Qilin ransomware gang claimed responsibility for Lee Enterprises attack, threatens to leak stolen data
- www.cysecurity.news: reports on Ransomware
- Zack Whittaker: Lee Enterprises is still experiencing disruption and outages after a ransomware attack.
- Metacurity: UK ICO launches children's social media privacy probe, Qilin claims attack on Lee Enterprises, Polish Space Agency breached, Cellebrite zero days used to hack Serbian student's phone, Man sentenced to 24 years for putting CSAM on dark web, Canceled CFPB contracts threaten data security, much more
- Konstantin: Qilin claims attack on Lee Enterprises
- The420.in: Qilin ransomware group claimed responsibility for the Lee Enterprises attack.
- Kim Zetter: Reports Qilin claims attack on Lee Enterprises
- BleepingComputer: Qilin claiming responsibility for the cyberattack on Lee Enterprises.
- BleepingComputer: Qilin Ransomware Gang Claims Lee Enterprises Attack
- DataBreaches.Net: Japanese cancer hospital confirms breach; Qilin gang claims responsibility
- The Register - Security: Qilin ransomware gang claims attacks on cancer clinic, OB-GYN facility
- www.cysecurity.news: Qilin Ransomware Outfit Claims Credit for Lee Enterprises Breach
- www.scworld.com: The ransomware group Qilin has taken credit for the cyberattack on Lee Enterprises.
Amar Ćemanović@CyberInsider
//
Japanese telecom giant NTT Communications has confirmed a data breach impacting nearly 18,000 corporate customers. The company discovered unauthorized access to its internal systems on February 5, 2025. Hackers are reported to have accessed details of these organizations, potentially compromising sensitive data.
The stolen data includes customer names, contract numbers, phone numbers, email addresses, physical addresses, and information on service usage belonging to 17,891 organizations, according to NTT Com. While NTT Com has restricted access to compromised devices and disconnected another compromised device, the specific nature of the cyberattack and the identity of the perpetrators remain unknown. It’s not yet known how many individuals had personal data stolen.
References :
- Carly Page: Japanese telecom giant NTT Communications says hackers stole the data of almost 18,000 corporate customers during a February cyberattack. It’s not yet known how many individuals had personal data stolen or who was behind the NTT breach
- CyberInsider: NTT Communications Suffers Data Breach Impacting 18,000 Companies
- BleepingComputer: Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident.
- techcrunch.com: Japanese telecom giant NTT Com says hackers accessed details of almost 18,000 organizations
- bsky.app: Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident.
- The DefendOps Diaries: Lessons from the NTT Data Breach: A 2025 Perspective
- www.scworld.com: NTT Communications says hackers stole the data of almost 18,000 corporate customers during a February cyberattack
- securityaffairs.com: Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies
Pierluigi Paganini@securityaffairs.com
//
The Belgian federal prosecutor's office is currently investigating a significant data breach of its state security service (VSSE), allegedly perpetrated by Chinese government hackers. The breach, which targeted the VSSE's external mail server, occurred between 2021 and 2023 and exploited a vulnerability in Barracuda's Email Security Gateway Appliance. This incident is considered a severe security lapse and has prompted a formal inquiry by Belgian authorities.
Approximately 10% of the VSSE's staff emails were stolen during the two-year period. While classified data remained secure, the personal information of nearly half the Belgian service's members may have been compromised, the newspaper reported.
The Chinese Embassy in Belgium has dismissed the allegations as "false information".
References :
- DataBreaches.Net: Belgian prosecutor probes alleged Chinese hacking of intelligence service
- gbhackers.com: Chinese Hackers Breach Belgium State Security Service as Investigation Continues
- Carly Page: The Belgian federal prosecutor's office confirmed to TechCrunch on Friday that it is investigating an alleged data breach of its state security service (VSSE) by Chinese government hackers. The hackers reportedly exploited a Barracuda ESG vulnerability to access VSSE’s external mail server between 2021 and 2023
- securityaffairs.com: China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails
- The420.in: China’s Cyber Espionage Skyrockets: 150% Surge in Attacks Uncovered
- securityaffairs.com: Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023.
Dissent@DataBreaches.Net
//
Major Australian IVF provider Genea has confirmed a cybersecurity incident where an unauthorized third party accessed its data. The company detected suspicious activity on its network and promptly shut down some systems and servers to investigate the extent of the breach. Genea is working to determine what specific data was compromised and is taking steps to secure its systems. The incident disrupted patient services, including phone lines, the Genea app, and email communications, causing frustration for patients who rely on the clinic's data processing systems for critical blood test data related to their IVF treatment cycles.
This cyber incident has raised concerns about the security of patient data at healthcare providers. Genea has stated that it is "urgently investigating" the incident and will contact any individuals whose personal data has been compromised. The clinic is also working to restore systems and minimize disruptions to services, assuring patients that their privacy and data security are taken very seriously. Genea has multiple clinics across Australia and is working to ensure minimal disruption to patient services.
References :
- Carly Page: Australian IVF giant Genea has disclosed a cybersecurity incident that disrupted patient services and led to the access of potentially sensitive information
- ciso2ciso.com: Australian IVF Clinic Suffers Data Breach Following Cyber Incident – Source: www.infosecurity-magazine.com
- www.cybersecurity-insiders.com: Genea Australia data breach and Black Basta Ransomware gang data leak Genea IVF Australia, a leading fertility service provider and one of the three largest in the country, has confirmed that it has fallen victim to a significant cyberattack, resulting in a data breach.
- DataBreaches.Net: Major Australian IVF provider Genea suffers ‘cyber incident’
- techcrunch.com: Australian IVF giant Genea has disclosed a cybersecurity incident that disrupted patient services and led to the access of potentially sensitive information
- kirbyidau.com: Incident: Australian IVF provider Genea in cyber incident | iTnews
- www.scworld.com: Cyberattack compromises leading Australian IVF provider's data
- kirbyidau.com: Kirbyidau - Australian IVF provider Genea in cyber incident | iTnews
- Carly Page: Australian IVF provider Genea confirms hackers have leaked sensitive patient data after Termite listed the firm on its dark web site. A court order prohibiting publication of the stolen data reveals that hackers breached Genea's network on January 31 to steal more than 900GB of information
- The420.in: Termite Ransomware Gang Breaches Australian IVF Giant Genea
- bsky.app: The Termite ransomware gang has claimed responsibility for breaching and stealing sensitive healthcare data belonging to Genea patients, one of Australia's largest fertility services providers.
- thecyberexpress.com: Cyberattack on Australia’s Genea: Stolen Patient Data Hits the Dark Web
@techcrunch.com
//
A data breach has impacted users of the spyware applications Cocospy and Spyic, potentially exposing sensitive personal data including messages, photos, and call logs. These consumer-grade spyware apps, sometimes called stalkerware or spouseware, covertly monitor private information on Android devices. The Cocospy breach alone exposed almost 1.8 million customer email addresses, which have been added to the Have I Been Pwned database.
TechCrunch reported on the breach and released a guide with steps for checking Android devices for stalkerware, as well as how to safely remove it. Stalkerware apps are often downloaded from outside official app stores, planted without permission, and hidden on the device to avoid detection. Signs of infection include unusual device behavior like overheating, slow performance, or excessive data usage.
References :
- cyberinsider.com: A data breach in the spyware applications Cocospy and Spyic has exposed the personal data of millions of people, including sensitive information such as messages, photos, and call logs.
- haveibeenpwned.com: In February 2025, the spyware service . The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more.
- Dataconomy: This stalkerware breaches your Android: Fix it now
- Zack Whittaker: We also have guidance on what you can do if you think you've been compromised by Cocospy and Spyic, which can affect both Android and iPhone/iPad users.
- Digital Information World: Secret Phone Surveillance Apps Are Stealing Data—Are You a Target?
Swagta Nath@The420.in
//
Australian IVF provider Genea has confirmed a significant cyberattack, with the Termite ransomware gang claiming responsibility for breaching their systems and stealing sensitive patient data. The hackers reportedly accessed Genea's network on January 31st and exfiltrated over 900GB of information. This breach has led to the leaking of patient data on the dark web, raising serious concerns about privacy and the potential misuse of personal health information.
A court order is in place prohibiting the publication of the stolen data, indicating the sensitive nature of the compromised information. The Termite ransomware gang, identified as the perpetrators, are now confirmed to have stolen 700GB of data.
References :
- Carly Page: Australian IVF provider Genea confirms hackers have leaked sensitive patient data after Termite listed the firm on its dark web site. A court order prohibiting publication of the stolen data reveals that hackers breached Genea's network on January 31 to steal more than 900GB of information
- thecyberexpress.com: Termite ransomware group has allegedly leaked sensitive patient data following the Genea cyberattack, targeting one of Australia’s leading fertility providers.
- The420.in: The Termite ransomware gang has taken responsibility for breaching Genea, one of Australia’s largest fertility service providers, and stealing sensitive patient data.
- bsky.app: The Termite ransomware gang has claimed responsibility for breaching and stealing sensitive healthcare data belonging to Genea patients, one of Australia's largest fertility services providers.
- bsky.app: BleepingComputer article on Genea Breach by Termite Ransomware Gang
- www.cysecurity.news: Australian IVF Giant Genea Suffers Data Breach Following Cyber Incident
- thecyberexpress.com: Article describing the ransomware attack on Genea IVF clinic and the subsequent data leak.
- www.cysecurity.news: Genea Cyberattack: Termite Ransomware Leaks Sensitive Patient Data
@techcrunch.com
//
UK healthcare giant HCRG Care Group, previously known as Virgin Care, is currently investigating an IT security incident after the Medusa ransomware gang claimed responsibility for breaching the company's systems. The attackers allege to have stolen troves of sensitive data, totaling 2.275 TB, and are demanding $2 million (£1.6 million) in ransom. HCRG, which runs child and family health and social services across the UK for the NHS and local authorities, is working with external forensic specialists to investigate the incident.
HCRG has stated that its services are continuing to operate safely, and patients should keep their scheduled appointments. The Medusa crew is threatening to leak the stolen information online if the ransom isn't paid by February 27th. Samples of the allegedly stolen data, which include employees’ personal information, sensitive medical records, financial records, and government identification documents, have been shared by Medusa. HCRG has notified the U.K.’s Information Commissioner’s Office and other relevant regulators about the breach.
References :
- DataBreaches.Net: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what’s claimed to be stolen internal records unless a substantial ransom is paid.
- The Register: Medusa ransomware gang demands $2M from UK private health services provider 2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Exclusive HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless…
- The Register - Security: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.
- Carly Page: UK healthcare giant HCRG Care Group has confirmed it’s investigating an IT security incident after the Medusa ransomware gang claimed to have breached the company's systems to steal troves of sensitive data
- techcrunch.com: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what’s claimed to be stolen internal records unless a substantial ransom is paid.
- go.theregister.com: 2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Exclusive  HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.…
- Legit Security Blog: Medusa ransomware gang demands $2M from UK private health services provider
Dissent@DataBreaches.Net
//
A cybercriminal responsible for over 90 data leaks has been apprehended in Bangkok following a joint operation between the Royal Thai Police and the Singapore Police Force. The individual, known under aliases such as ALTDOS, DESORDEN, GHOSTR, and 0mid16B, targeted 65 organizations in the Asia-Pacific region and an additional 25 global targets. Between 2020 and February 2025, the hacker exfiltrated a staggering 13 terabytes of sensitive data from various sectors, including healthcare and finance.
The arrest marks a significant win in the fight against cybercrime, with authorities seizing laptops and other electronic devices during the raid in Thailand. Investigations revealed the suspect's involvement in attacks affecting multinational corporations, small businesses, and government databases across several countries, including Thailand, India, Indonesia, the UK, and the United States. The hacker allegedly worked alone, selling stolen data. The cybercriminal initially focused on Thai entities, later expanding operations across the Asia-Pacific region.
References :
- gbhackers.com: Authorities Arrested Hacker Behind 90 Major Data Breaches Worldwide
- DataBreaches.Net: Criminal hacker known as ALTDOS, DESORDEN, GHOSTR and 0mid16B arrested
- CyberInsider: Cybercriminal Behind 90+ Data Leaks Arrested in Bangkok
@www.cybersecurity-insiders.com
//
Orange Group has confirmed a data breach affecting its Romanian branch after a hacker, allegedly associated with the HellCat ransomware group and known as "Rey," breached their systems. The breach resulted in the exposure of over 380,000 email addresses and other sensitive data belonging to customers, partners, and employees. The attacker claims to have stolen thousands of internal documents after infiltrating the company’s infrastructure, and demanded a ransom which Orange refused to pay.
The leaked dataset includes over 600,000 customer records, employee details, financial documents, and source code. While the breach did not impact Orange’s core services, the company acknowledges major security gaps were highlighted as attackers had access to Orange’s systems for over a month before exfiltrating the data. This incident follows a similar cyber incident reported by Orange Spain just last week, increasing concerns about data security in the telecom sector.
References :
- Dataconomy: dataconomy.com on Orange Group data breach: Every step explained
- The420.in: the420.in on Orange Group Suffers Data Breach: Hacker Claims Theft of Thousands of Internal Documents
- www.cybersecurity-insiders.com: Orange Group, a telecom services provider based in France, has confirmed that one of its internal systems at its Romanian branch was breached by a cyber attacker identified as “Rey,” an individual reportedly associated with the HellCat ransomware group.
- bsky.app: French telecommunications and digital services provider Orange confirmed that a hacker breached their systems and stole company data that includes customer, partners, and employee information.
- CyberInsider: Confirmation of a data breach impacting the French telecommunications and digital service provider Orange Group, following the leak of internal documents, particularly those affecting Orange Romania.