Blog Category
Cybercrime Stories
Real incident reports and case studies from our response team.
March 1, 2026 · 8 min read
Therapy Notes Turned to Threats
Vastaamo 2020 breach exposed 33K therapy records, led to patient extortion, bankruptcy, fines, and landmark “psybersecurity” reforms.
February 27, 2026 · 5 min read
From Playtime to Panic
Kido 2025 breach exposed 8,000 children’s profiles in London, with extortion threats prompting police and ICO investigations.
February 16, 2026 · 9 min read
The Lazarus Group IT Job Infiltration Scheme
North Korean operatives infiltrated Western firms via remote IT jobs, stealing data and crypto to funnel millions to the regime.
February 11, 2026 · 6 min read
How Discord.io’s Entire User Database Was Stolen
Hackers stole 760,000 Discord.io accounts in August 2023, exposed user data for sale, and forced the platform to shut down indefinitely.
January 28, 2026 · 6 min read
How Weee!’s Grocery Data Was Exposed
Hackers leaked 1.1M Weee! accounts and 11.3M orders, exposing names, addresses, and delivery details in 2023 with no class action filed. Learn why.
January 21, 2026 · 5 min read
23andMe’s Genetic Data Exposed
Attackers scraped data from 6.9M 23andMe users via credential stuffing, exposing sensitive genetic and profile information.
January 14, 2026 · 6 min read
How Coupang’s Data Was Exposed
Coupang breach exposed 33.7M accounts in 2025 after stolen auth key abuse, triggering CEO exit, probe, and record voucher payouts.
January 8, 2026 · 7 min read
The Jollibee Data Breach That Put Millions at Risk
Hackers breached Jollibee’s cloud data lake, exposing 11M records with sensitive IDs and order data, later sold online in 2024.
December 31, 2025 · 7 min read
The $1.5 Billion Bybit Cryptocurrency Heist
Lazarus hackers stole 401,000 ETH worth $1.5B from Bybit in 2025 by compromising its signing workflow and deceiving staff approvals.
December 18, 2025 · 5 min read
The Price of Patient Data
Ransomware at SimonMed exposed 1.27M patient records in 2025 after Medusa stole data and launched delayed healthcare extortion.
December 12, 2025 · 11 min read
From Health Insurance To Hostage Data
Medibank 2022 breach exposed 9.7M records via stolen vendor creds and no MFA, triggering sanctions, lawsuits, and stricter data security rules.
December 5, 2025 · 7 min read
The API Misconfiguration That Shook a Nation
Optus 2022 breach exposed 10M Australians after an open API leak, triggering privacy law reform, lawsuits, and national cyber overhaul.
November 13, 2025 · 4 min read
The Capital One Cloud Misconfiguration
Capital One 2019 breach exposed 106M records after an AWS misconfiguration and SSRF exploit, costing $270M and reshaping cloud security standards.
November 6, 2025 · 4 min read
The Night Hospitals Went Dark
Ryuk crippled UHS in 2020, disrupting 400 hospitals, costing $67M, and exposing how ransomware directly threatens patient safety.
October 30, 2025 · 5 min read
The SolarWinds Orion Supply Chain Hack of 2020
SolarWinds 2020 supply chain hack backdoored 18,000 networks via Orion updates, reshaping global cyber defense and software trust.
October 9, 2025 · 5 min read
From Ride-Sharing to Ransom
Uber’s 2016 breach exposed 57M records and a $100K cover-up, leading to record fines and the first CISO criminal conviction.
September 10, 2025 · 5 min read
Shutdown in the Lecture Hall
MTU 2023 ransomware by BlackCat shut four campuses, leaked 6GB of data, and cost €3.5M—forcing a major security overhaul.
August 27, 2025 · 6 min read
Love, Lies, and Leaks
Ashley Madison 2015 breach exposed 36M users, triggering extortion, suicides, $11M settlement, and sweeping privacy reforms
August 13, 2025 · 7 min read
Influencer Turned Cybercriminal
Hushpuppi built a global BEC empire behind Instagram fame, stole $300M+, and now serves 11 years in U.S. prison for fraud.
July 23, 2025 · 8 min read
Legal Briefs Turned Breach Fodder
HWL Ebsworth 2023 breach by ALPHV exposed 3.6TB of legal and government data, triggering injunctions and sweeping cyber reforms
July 9, 2025 · 5 min read
What Happens When Basics Fail
Snowflake 2024 credential-theft campaign hit 160+ firms, proving stale passwords and no MFA can unravel cloud security.
May 21, 2025 · 4 min read
Location Tracked, Trust Lost
Gravy Analytics 2025 breach exposed terabytes of precise location data after a stolen AWS key, igniting global privacy scrutiny.
April 23, 2025 · 5 min read
Data Heist at SRP Credit Union
SRP Federal Credit Union’s 2024 Nitrogen ransomware breach exposed ~240K members’ SSNs and financial data, triggering lawsuits and monitoring offers.
April 9, 2025 · 5 min read
The House Always Wins… Until It Doesn’t
MGM’s 2023 Scattered Spider–ALPHV attack disrupted 30+ properties, exposed 37M records, cost $110M+, and led to a $45M settlement.
March 19, 2025 · 5 min read
The Apple "Glowtime" Event Deepfake Scam
An AI deepfake of Tim Cook hijacked Apple’s “Glowtime” livestream, pushing a crypto QR scam to 355K viewers with fake returns promises.
February 5, 2025 · 4 min read
The Earl Thomas Identity Theft Case
Former NFL player Earl Thomas was targeted in a $1.9M identity theft scheme involving forged IDs, fake bank accounts, and luxury vehicle fraud.