Cybersecurity researcher Jeremiah Fowler has uncovered a massive trove of exposed login credentials linked to suspected infostealer malware activity, raising serious global concerns about data privacy and identity theft. Fowler discovered a non-password-protected and unencrypted database holding more than 184 million unique usernames and passwords, totaling 47.42 GB of raw data. The breach was reported to Website Planet, and access to the database was promptly restricted following responsible disclosure to the hosting provider. The database, linked to two anonymous domains, included credentials from platforms like Facebook, Microsoft, Google, Discord, Roblox, Instagram, and even government and financial portals from around the…
Kirsten Doyle
The Federal Trade Commission (FTC) has finalized a settlement order with web hosting provider GoDaddy, resolving allegations that the company misled consumers by failing to implement basic data security measures. The order, approved by a unanimous 3-0 vote, follows a series of data breaches linked to GoDaddy’s inadequate cybersecurity practices. In a complaint first announced in January 2025, the FTC charged that GoDaddy falsely marketed its services as offering “award-winning security” while neglecting to use standard protections to safeguard customer websites and data. The Commission says GoDaddy did not adopt critical cybersecurity practices such as multi-factor authentication, aggressive threat monitoring,…
Two hacking groups have claimed responsibility for cyberattacks targeting Coca-Cola, with one alleging the theft of over 23 million records. Cyber Security News reported that in posts on dark web forums, the Everest ransomware group claims to have breached Coca-Cola’s internal systems, focusing on data linked to its Middle East operations. Known for previous attacks on NASA and the Brazilian government, Everest reportedly exfiltrated sensitive and confidential company information. However, the credibility of the claim is uncertain, especially after the group’s own leak site was defaced in April. In a separate incident, the Gehenna hacking group alleges it compromised Coca-Cola…
Kettering Health is grappling with the aftermath of a ransomware attack that caused a system-wide technology outage, prompting the cancellation of elective procedures and disrupting normal operations across its 14 medical centers. On Tuesday morning, the Ohio-based health network confirmed it was experiencing a cybersecurity incident resulting from unauthorized access to its network. The attack, which deployed ransomware, has disabled parts of Kettering’s IT infrastructure and affected patient services, including its call center. The outage has led to the cancellation of all elective inpatient and outpatient procedures for Tuesday, May 20, with rescheduling underway. “Elective inpatient and outpatient procedures at…
Microsoft’s Digital Crimes Unit (DCU), working in concert with law enforcement and cybersecurity partners worldwide, has dismantled the infrastructure behind Lumma Stealer, one of the most prolific tools used by cybercriminals to steal sensitive personal and organizational data. The coordinated takedown, which culminated on 13 May, involved legal action filed in the U.S. District Court for the Northern District of Georgia. Microsoft obtained a court order to seize, suspend, and block nearly 2,300 malicious domains powering the Lumma Stealer malware, a tool responsible for hundreds of thousands of infections across the globe. Simultaneously, the U.S. Department of Justice seized Lumma’s…
Ransomware group Interlock has claimed responsibility for a cyberattack on West Lothian Council, adding the Scottish local authority to its data leak site earlier today. The gang alleges it exfiltrated a staggering 2.63 terabytes of data, comprising more than 3.3 million files and over half a million folders. A sample of the stolen data (known as a proof pack) reportedly includes images of passports, driver’s licenses, and a range of other sensitive documents. The council had previously confirmed it fell victim to a ransomware attack on 6 May, with local schools bearing the brunt of the disruption. In a public…
A group of malicious actors has been targeting PCs with a maliciously altered version of the KeePass password manager, enabling them to steal credentials and lock victims out of their systems to demand ransom payments. According to WithSecure’s Threat Intelligence team, the campaign has been active for at least eight months. During this time, attackers have been distributing trojanized KeePass installers to deploy Cobalt Strike beacons, exfiltrate credentials, and ultimately launch ransomware attacks across compromised networks. The campaign was uncovered during a ransomware investigation, where WithSecure traced the infection chain back to a fake KeePass installer. This installer was promoted…
Cybercriminals exploit search engines, mobile devices, and proxy networks to bypass security and siphon off employee salaries. A recent investigation by cybersecurity firm ReliaQuest has uncovered a sophisticated payroll fraud campaign that begins with a seemingly harmless Google search and ends with stolen paychecks. By exploiting mobile devices, search engine optimization (SEO) tactics, and vulnerable home routers, attackers could steal employee credentials and redirect their salaries into criminal-controlled accounts.
It Started with a Search
The breach came to light after ReliaQuest detected unauthorized access to a customer’s SAP SuccessFactors portal, a human resources platform. Once inside, the attacker quietly altered…
A UK logistics company that supplies some of the country’s biggest supermarket chains has confirmed it was hit by a ransomware attack, disrupting its operations and raising concerns about the vulnerability of smaller firms in the food supply chain. Peter Green Chilled, a Somerset-based distributor, said it was the victim of a cyberattack on Wednesday evening. The company, which supplies retailers including Tesco, Sainsbury’s, and Aldi, acknowledged the incident in an internal communication seen by the BBC. The logistics firm told the BBC’s Wake Up to Money programme that it had been issuing regular updates to clients, including temporary solutions…
Nearly half a million patients at New York-based non-profit healthcare system Catholic Health may have had their personal and medical information exposed due to a data leak. According to enterprise management solutions provider Serviceaide, an Elasticsearch database maintained for Catholic Health was inadvertently made publicly accessible, potentially compromising sensitive patient data. The company informed the Department of Health and Human Services (HHS). While Serviceaide did not find any evidence that the information was exfiltrated, it cannot definitively rule it out. “While we have no indication of identity theft or fraud in relation to this incident, the review determined the universe…
