‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American

Well, it’s a bit unsettling, isn’t it? The news is painting a picture of a massive cyber operation, a digital siege really, launched by China-backed actors. They’ve allegedly infiltrated networks across the globe, hitting over 80 countries and, disturbingly, potentially grabbing data on almost every single American.
The scope of this alleged attack, codenamed “Salt Typhoon,” is, frankly, alarming. We’re not just talking about a few compromised websites here and there. The hackers apparently targeted a vast array of sectors. From our everyday essentials like telecom and transportation to government entities and even military infrastructure, it seems no one was truly safe.…
A whistleblower alleges that former senior Trump administration officials at the Social Security Administration copied the names, birthdays, and Social Security numbers of over 300 million Americans to a private, less secure cloud environment. This data copy, created within the agency’s existing cloud infrastructure, is accessible to other former Department of Government Efficiency (DOGE) employees and lacks sufficient security measures. Career cybersecurity officials expressed serious concerns about the risks, including the potential need to reissue Social Security numbers. Despite these warnings, the data transfer proceeded after the Supreme Court granted DOGE team members temporary access to sensitive SSA data.
According to a whistleblower complaint, the Department of Government Efficiency (DOGE) placed the personal data of millions of Americans, including Social Security numbers, on a vulnerable server in June. The complaint, filed by the Social Security Administration’s chief data officer, Charles Borges, alleges multiple violations and a “substantial and specific threat to public health and safety.” The database, known as Numident, contains sensitive information making it a target for nefarious actors. Despite warnings of “catastrophic impact” and a high-risk assessment, the data was moved to a private cloud server with limited oversight.
Cybersecurity experts are cautioning the public about a recent breach of a US state’s National Guard network by the Salt Typhoon cyber espionage group. The DoD revealed the group maintained access for almost a year, potentially accessing sensitive military and law enforcement data, including administrator credentials and network diagrams. This data theft included configuration files for critical national infrastructure organizations and state government agencies, raising concerns about potential follow-on attacks. The incident, part of a larger campaign linked to Chinese-backed hackers, highlights the group’s proficiency and the urgent need for improved cybersecurity measures, including Zero Trust adoption and breach containment strategies across all US government networks.
On July 17, Ukrainian military intelligence (HUR) reportedly launched a cyberattack against Gazprom, Russia’s state-owned energy giant, causing significant disruptions. The attack allegedly targeted systems used by Gazprom and its subsidiaries, which Ukraine claims support the Russian war effort. The operation resulted in the destruction of data, the installation of damaging software, and the disabling of internal systems for thousands of administrators across hundreds of subsidiaries. The Kyiv Independent could not independently verify these claims, and neither Gazprom nor Russian authorities have commented publicly.
Cybernews researchers uncovered 30 datasets containing 16 billion compromised login credentials, a figure exceeding the global population and suggesting multiple account compromises per individual. This massive collection of data, likely gathered from numerous breaches over time by infostealers, was briefly publicly accessible before being discovered. While the current location of the data remains unknown, the incident underscores the growing need for robust cybersecurity practices. Experts recommend password changes, unique credentials across platforms, and the use of password managers or multi-factor authentication to mitigate future risks.
Governor Newsom’s accusation that former President Trump handed over Californians’ personal information to Homeland Security highlights a serious breach of privacy. This alleged action directly contradicts California’s stringent privacy laws, placing the personal data of millions at risk. The scale of this potential violation is immense, impacting not only Californians but also residents of other states, raising fundamental questions about the balance of power between state and federal governments.
The sheer volume of personal data potentially compromised is alarming. This isn’t just about names and addresses; it could encompass sensitive financial information, medical records, and even political affiliations – all highly vulnerable to misuse and exploitation.…
On April 18th, the City of Abilene suffered a ransomware attack by the Russian group Qilin, resulting in the theft of 477 gigabytes of data and the shutdown of multiple city departments. Qilin demands a ransom by May 27th, threatening data release on the dark web if payment isn’t made; however, paying ransoms is not recommended due to the high costs of recovery and no guarantee of compliance. Cybersecurity expert Sai Huda advises Abilene residents to strengthen their personal security measures, and the city is working with professionals to fully eliminate the malware and prevent future attacks. The city confirms its decision to not pay the ransom and apologizes for service disruptions.
Nineteen-year-old Matthew Lane pleaded guilty to hacking PowerSchool, a leading education technology company, and stealing the personal data of 62 million children. Lane gained access using a stolen employee password, resulting in the largest known breach of American children’s data. His plea agreement includes a prison sentence of no less than nine years and four months for charges including obtaining information from a protected computer and aggravated identity theft. While Lane admitted to the hack, the extent of his involvement in subsequent extortion attempts remains unclear.