Data Breach Notification, Data Security, Fraud Management & Cybercrime DaVita’s Stolen Data Surfaced on Dark Web Following Ransomware Attack by Interlock Marianne Kolbasuk McGee ( HealthInfoSec) • August 22, 2025 Image: DaVita In a troubling development for patient data security, DaVita disclosed to federal authorities that a cyberattack attributed to…
Data Breach at Orange Belgium Exposes 850,000 Customer Records In a significant cyber incident, Orange Belgium has acknowledged a data breach that has impacted approximately 850,000 customers. The breach occurred following a targeted cyberattack on one of the company’s internal IT systems, which was identified in late July. Information compromised…
The Computer Merchant Data Breach: Lawsuit Investigation Attorneys associated with ClassAction.org are currently investigating the possibility of initiating a class action lawsuit in response to The Computer Merchant data breach. In the context of this investigation, they seek to connect with individuals who received notifications indicating that their information was…
LANSING, Mich., Aug. 22, 2025 /PRNewswire/ — The Philadelphia-based law firm Edelson Lechtzin LLP has initiated an investigation into data privacy violations stemming from a significant data breach at Aspire Rural Health System (“Aspire”). This breach, which reportedly began on or around February 13, 2025, has raised alarms regarding the…
Allianz Life Data Breach Exposes Sensitive Information: Key Details Emerge Recent reports have surfaced regarding a significant data breach involving Allianz Life, a major player in insurance and financial services. The breach has raised alarms, as sensitive information related to customers and their policies may have been compromised. Initial investigations…
AT&T Settles Class Action Lawsuits Following Major Cyber Breaches In a significant development for data security, telecommunications leader AT&T has reached settlements for two class action lawsuits triggered by dual data breaches that unfolded in 2024. These incidents were notable not only for their scale but also for the sensitive…
May 27, 2025
Data Breach / Social Engineering
The FBI has issued a warning regarding a series of social engineering attacks targeting law firms, attributed to a criminal group known as Luna Moth. This campaign has been ongoing for the past two years, utilizing IT-themed social engineering calls and callback phishing emails to gain remote access to devices and steal sensitive information for extortion purposes. Also referred to as Chatty Spider, Silent Ransom Group (SRG), Storm-0252, and UNC3753, Luna Moth has been active since at least 2022, primarily employing a tactic called callback phishing, or Telephone-Oriented Attack Delivery (TOAD), to deceive users into calling phone numbers found in seemingly innocuous phishing emails related to invoices and subscription payments. Notably, Luna Moth is the same hacking group responsible for the previous BazarCall campaigns that deployed ransomware such as Conti.
FBI Warns Law Firms of Luna Moth’s Covert Phishing Operations May 27, 2025 Data Breach / Social Engineering The Federal Bureau of Investigation (FBI) has issued a significant alert regarding a series of sophisticated social engineering attacks orchestrated by a criminal group known as Luna Moth. This group has specifically…
May 27, 2025
Data Breach / Social Engineering
The FBI has issued a warning regarding a series of social engineering attacks targeting law firms, attributed to a criminal group known as Luna Moth. This campaign has been ongoing for the past two years, utilizing IT-themed social engineering calls and callback phishing emails to gain remote access to devices and steal sensitive information for extortion purposes. Also referred to as Chatty Spider, Silent Ransom Group (SRG), Storm-0252, and UNC3753, Luna Moth has been active since at least 2022, primarily employing a tactic called callback phishing, or Telephone-Oriented Attack Delivery (TOAD), to deceive users into calling phone numbers found in seemingly innocuous phishing emails related to invoices and subscription payments. Notably, Luna Moth is the same hacking group responsible for the previous BazarCall campaigns that deployed ransomware such as Conti.
AT&T Agrees to $177 Million Settlement for Data Breach, Offering Customers Potential Compensation of Up to $7,500 In a significant development for data privacy, telecommunications giant AT&T has consented to a settlement of $177 million following a massive data breach that compromised sensitive information of millions of customers. This settlement…
Date: May 28, 2025
Category: Ransomware / Data Breach
An Iranian national has acknowledged his involvement in a major ransomware and extortion operation linked to the Robbinhood ransomware in the U.S. Sina Gholinejad (also known as Sina Ghaaf), 37, along with his accomplices, infiltrated the computer networks of multiple U.S. organizations, encrypting files and demanding Bitcoin ransoms. Arrested in North Carolina in early January, Gholinejad pleaded guilty to charges of computer fraud and abuse, as well as conspiracy to commit wire fraud. He faces up to 30 years in prison, with his sentencing set for August 2025. The U.S. Department of Justice reported that these cyberattacks led to significant disruptions and financial losses exceeding $19 million for cities like Greenville, North Carolina, and Baltimore, Maryland.
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore May 28, 2025 In a significant development in the realm of cybersecurity, an Iranian national, Sina Gholinejad, has entered a guilty plea in the United States for his role in an extensive ransomware operation that leveraged the notorious…
Date: May 28, 2025
Category: Ransomware / Data Breach
An Iranian national has acknowledged his involvement in a major ransomware and extortion operation linked to the Robbinhood ransomware in the U.S. Sina Gholinejad (also known as Sina Ghaaf), 37, along with his accomplices, infiltrated the computer networks of multiple U.S. organizations, encrypting files and demanding Bitcoin ransoms. Arrested in North Carolina in early January, Gholinejad pleaded guilty to charges of computer fraud and abuse, as well as conspiracy to commit wire fraud. He faces up to 30 years in prison, with his sentencing set for August 2025. The U.S. Department of Justice reported that these cyberattacks led to significant disruptions and financial losses exceeding $19 million for cities like Greenville, North Carolina, and Baltimore, Maryland.
