Tag: extortion
-
ShinyHunters swipes right on 10M records in alleged dating app data grab
Extortion crew says it’s found love in someone else’s info as Match Group plays down the impact First seen on theregister.com Jump to article: www.theregister.com/2026/01/29/shinyhunters_match_group/
-
Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups
Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-numbers-rise-despite/
-
Surging Cyberattacks Boost Latin America to Riskiest Region
The region is up against tactics like data-leak extortion, credential-stealing campaigns, edge-device exploitation, and attackers leveraging AI. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/surging-cyberattacks-latin-america-riskiest-region
-
Sicarii ransomware locks your data and throws away the keys
Tags: ai, business, communications, compliance, credentials, data, encryption, extortion, finance, malware, network, ransomware, risk, vulnerabilityUnusual technical profile hints at vibe-coding: One possible explanation for Sicarii’s broken encryption flow is immature or poorly implemented development practices. The ransomware’s failure to retain usable keys is inconsistent with established ransomware design and suggests it may have been assembled without rigorous testing or a clear understanding of operational consequences, or even vibe-coded.”Halcyon assesses…
-
Nike Investigates Alleged Data Breach Tied to World Leaks
Nike is investigating World Leaks’ claims of a data breach, underscoring growing risks from data-centric extortion attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nike-investigates-alleged-data-breach-tied-to-world-leaks/
-
Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority
A new report from Trellix reviews the biggest breaches, describes the most effective defenses and profiles the most dangerous attackers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/health-care-cybersecurity-threats-report-trellix/810608/
-
Nike investigates data breach after extortion gang leaks files
Nike is investigating what it described as a “potential cyber security incident” after the World Leaks ransomware gang leaked 1.4 TB of files allegedly stolen from the sportswear giant. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nike-investigates-data-breach-after-extortion-gang-leaks-files/
-
WorldLeaks Extortion Group Claims It Stole 1.4TB of Nike Data
The sportswear brand is investigating an alleged breach of its network that exposed some 188,347 files of highly sensitive corporate data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/worldeaks-extortion-group-stole-1.4tb-nike-data
-
From Cipher to Fear: The psychology behind modern ransomware extortion
Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today’s ransomware groups weaponize stolen data and pressure tactics to force payment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/from-cipher-to-fear-the-psychology-behind-modern-ransomware-extortion/
-
Nike Probes Possible Cybersecurity Incident Following Dark Web Claims
Nike has confirmed that it is investigating a potential cybersecurity incident after claims surfaced online that its internal data may have leaked by a cybercrime group. The same group, known for extortion-driven attacks against other companies, previously claimed the Nike cyberattack on its dark web site. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/nike-cyberattack-investigation/
-
ShinyHunters claims 2 Million Crunchbase records; company confirms breach
Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed to steal over 2 million personal records from its systems. The group leaked a 402 MB compressed archive on their website due to a failed extortion…
-
Data thieves borrow Nike’s ‘Just Do It’ mantra, claim they ran off with 1.4TB
US sports brand launches probe after extortion crew WorldLeaks claims it stole huge dataset First seen on theregister.com Jump to article: www.theregister.com/2026/01/26/data_thieves_claim_nike_data_haul/
-
CISO’s predictions for 2026
Tags: access, ai, attack, authentication, automation, breach, business, ciso, cloud, control, credentials, cryptography, cyber, cyberattack, cybersecurity, data, data-breach, encryption, endpoint, extortion, finance, governance, government, healthcare, identity, infrastructure, malicious, mobile, mssp, network, password, penetration-testing, ransomware, risk, router, saas, soc, strategy, supply-chain, technology, threat, tool, vulnerability, warfareAI agents to reshape the threat landscape: But those same AI technologies are also changing the threat landscape. Toal points to a recent Anthropic report that documented the first large-scale AI-enabled cyberattack as an early warning sign. “I guarantee attackers will be more focused on using AI agents for what they want than a lot…
-
ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-claim-to-be-behind-sso-account-data-theft-attacks/
-
ShinyHunters claim to be behind SSO-account data theft attacks
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-claim-to-be-behind-sso-account-data-theft-attacks/
-
Ransomware Hackers Leak Under Armour Customer Data
Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt. Under Armour may trade on the blood, sweat, respect slogan, but a Russia-linked ransomware group hasn’t been abiding, after they stole data pertaining to 72.7 million of the athleisure giant’s customers, then leaked it on darkweb sites after saying the retailer refused to pay a…
-
13 cyber questions to better vet IT vendors and reduce third-party risk
Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerabilityVital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
-
13 cyber questions to better vet IT vendors and reduce third-party risk
Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerabilityVital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
-
Fahndung nach Kopf von Black Basta
Das BKA und die ZIT fahnden nach dem mutmaßlichen Anführer der Ransomware-Gruppe Black Basta. Die Erpresserbande ist für zahlreiche Angriffe in Deutschland verantwortlich. Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt…
-
Grubhub confirms hackers stole data in recent security breach
Food delivery platform Grubhub has confirmed a recent data breach after hackers accessed its systems, with sources telling BleepingComputer the company is now facing extortion demands. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/grubhub-confirms-hackers-stole-data-in-recent-security-breach/
-
Ransomware gangs extort victims by citing compliance violations
Tags: ai, attack, breach, compliance, data, data-breach, extortion, group, ransomware, regulation, threat, toolAI amplifies attacks: Hild points to another problem: “AI-powered tools dramatically accelerate these attacks. Criminals can now screen stolen documents for ‘material’ compliance violations within hours of a data breach, faster and more accurately than many companies can audit their own systems.”The SailPoint specialist explains: “They create detailed, legally sound complaints for authorities and set…
-
DeadLock Ransomware Group Utilizes Polygon Smart Contracts
Stealthy Group Taps Blockchain ‘EtherHiding’ to Facilitate Victim Communications. The DeadLock ransomware group, a newly emerged digital extortion group, is using blockchain smart contracts to store proxy server addresses for facilitating ransomware negotiations with victim organizations. The technique suggests the group is made up of experienced cybercriminals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/deadlock-ransomware-group-utilizes-polygon-smart-contracts-a-30518
-
Ransomware-Banden erpressen Opfer mit Compliance-Verstößen
Ransomware-Gruppen setzen ihre Opfer vermehrt mit Compliance-Verstößen unter Druck.Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden.So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser…
-
Top 3 Categories That Mostly Impact by Cyber Threats Protection Against Cyber Attack
Cybersecurity can be termed as the process of recovering programs, networks, and devices from different types of cyber threats. Over the past few years, cyber threats have evolved drastically and have put different enterprises and organizations into trouble across industries. These cyber-attacks are mainly carried out to extort money from various small and large businesses.…
-
Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users
Tags: access, breach, crime, cyber, cybercrime, dark-web, data, data-breach, email, extortion, group, hacking, intelligence, law, leak, password, penetration-testing, ransomware, risk, service, threatHave I Been Pwned, the data breach happened last August, two months before the police takedown of the BreachForums data extortion site after threats by Scattered Lapsus$ Hunters to use it to release one billion records stolen from Salesforce customers.This tallies with the August 11 date on the database leaked last week; that was the…
-
Ransomware Hits a Claims Giant: What the Sedgwick Breach Reveals About Modern Extortion Attacks
A recent breach disclosure reveals that claims management firm Sedgwick was targeted by the TridentLocker ransomware group, with attackers claiming to have exfiltrated sensitive data from systems supporting its government services operations before deploying ransomware, according to Cybersecurity News. While Sedgwick has not disclosed full technical details, the incident follows a well-established ransomware playbook. Attackers…
-
Neue Ransomware-Bedrohung zielt auf deutsche Unternehmen
Tags: backup, ciso, cloud, cyberattack, encryption, extortion, firewall, germany, infrastructure, intelligence, network, ransomware, threat, tool, vmware, vulnerabilityDer Ransomware-Dienst Ransomhouse nutzt jetzt eine komplexe Dual-Schlüssel-Verschlüsselung und automatisierte Angriffe auf VMware ESXi.Sicherheitsexperten haben kürzlich festgestellt, dass die Ransomware-Gruppe Jolly Scorpius ihren RaaS-(Ransomware as a Service)-Dienst Ransomhouse massiv verbessert hat. Wie das Threat-Intelligence-Team von Palo Alto Networks berichtet, nutzt die Gruppe jetzt ein fortschrittliches duales Verschlüsselungssystem.Die Angriffe basieren auf einer aktualisierten Version des Verschlüsselungs-Trojaner…