Ransomware DataBreachToday.com

Also: Braiscompany Execs Sentenced, Addressing Bitget's Trading Anomaly
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, stolen KiloEx funds returned, Braiscompany execs sentenced, Bitget trading anomaly, Bybit case update, SEC's new chair, eXch shuttering, Oregon attorney general sued Coinbase, new Android malware and bug in XRP Ledger.

Also, Blue Shield Breach Exposes 4.7M, Cyberattack Disrupts City Systems in Texas
This week, Cookie Bite bypasses MFA in Azure Entra ID, Microsoft fixed RDP Freezes, a ransomware attack in Catalonia, Blue Shield exposed data to Google, a cyberattack disrupted city systems in Texas, South Korean telecom breach exposed USIM data and a warning about North Korean IT deepfakes.

Incident Is Largest Health Data Breach Reported So Far to Feds in 2025
Yale New Haven Health System is notifying more than 5.5 million patients that their information was potentially among data stolen in a March hack. The incident, which is among several other recent major hacks, ranks is the largest health data breach reported to federal regulator so far this year.

Void Dokkaebi Campaigns Using Russia for Cryptocurrency Theft
North Korean hackers look north toward Russia for the internet infrastructure behind the many online scams that Pyongyang has built to funnel stolen cash into the rouge nation. Void Dokkaebi hackers participate in the North Korean scam of social engineering IT job seekers.

AI-Powered Tools Protect Containerized Environments Against Sophisticated Attacks
Container security experts skilled in AI-driven defense tools are becoming critical as organizations rely more on containerized applications. These experts must contend with ephemeral workloads, secure CI/CD pipelines and implement real-time anomaly detection to protect cloud-native environments.

European Commission Also Fines Apple 500 Million Euros
European regulators said Facebook conducted an end run around privacy regulations by requiring users to pay a monthly subscription fee or else accept that their personal data would be fed to advertisers. The European Commission fined the social media giant 200 million euros.

Breach Victim Tally Soars Since Firm Filed an Initial Breach Report in Early April
Kelly Benefits is notifying nine large clients and nearly 264,000 individuals that their sensitive personal information was potentially compromised in a December data theft incident. The tally of affected people has climbed eight-fold since the company’s first estimate earlier this month.

2019 Phishing Incident at California-Based PIH Health Affected Nearly 190,000
A regional healthcare network with three California hospitals serving Los Angeles and Orange Counties has agreed to pay federal regulators $600,000 and implement a corrective action plan to resolve potential HIPAA violations identified during an investigation into a 2019 phishing breach.

Series D Round Comes at $3.5B Valuation, Fuels Product Expansion Beyond Containers
Chainguard’s $356 million Series D haul will help it push beyond securing containers to protecting virtual machines and language libraries. CEO Dan Lorenc says customers want security that scales with open-source adoption, especially amid rising software supply chain threats.

Expert Lauds 'Textbook Cyber Crisis Communications' as M&S Details Some Disruption
It's rare to see a corporation lauded for its hacking incident communications, but British retailer Marks & Spencer has executed an admirable version of what informing the world of bad news should look like. M&S notified customers directly about the cybersecurity incident.

Bureau Endorses Enhanced Information Sharing With Global Allies to Curb Cybercrime
The FBI strongly supported recent efforts to expand information sharing with international partners and launch new efforts to curb global cybercrime, including working with Indian authorities to combat cyber-enabled financial crimes and transnational call center fraud.

Acquisition Adds Expert Team, Reachability Analysis Tech to Socket's Security Stack
With Coana's team and tools, Socket aims to strengthen its platform's ability to identify actionable vulnerabilities. The integration will help security teams eliminate busywork, focusing on high-impact issues using precomputed reachability data from open source codebases.

Hackers Targeted Critical Infrastructure for Sabotage, Data Theft
Russian and Chinese hackers targeted critical infrastructure in the Netherlands for strategic gains amid escalating tensions with Western governments, the Dutch intelligence agency said. The Netherlands witnessed a number of "cyberespionage attempts against the Dutch government."

Senior Advisers Behind 'Secure by Design' Step Down From CISA Amid Workforce Cuts
A wave of senior cybersecurity advisors is leaving the U.S. cyber defense agency amid government downsizing, raising concerns about broader national cyber defense capacities as White House plans to cut the size of the federal workforce deepens instability across critical agencies.

Ransom Threats to Be Reported Under New Australian Legislation
Australian organizations have 40 days to prepare for a new law requiring mandatory reporting of ransomware payments to authorities. The law covers about 6.5% of registered businesses which, starting May 30, must report ransomware payments within 72 hours to the Australian Signals Directorate.

Series B Investment to Boost AI, Expand Coverage Across IaaS, PaaS, SaaS, On-Prem
Data security startup Sentra has raised $50 million to expand its AI-powered classification, labeling and enforcement capabilities. With enterprise interest in secure AI adoption and risk mitigation rising, the firm will grow its team and expand support for cloud, SaaS and on-prem data governance.

North Korea Continues Refining Profit-Making Scheme, Says CrowdStrike's Adam Meyers
In recent years, cash-starved North Korea has deployed legions of domestically trained workers to secure remote IT jobs to generate revenue for the Pyongyang-based regime. They can work for many months before being spotted, said Adam Meyers, head of counter adversary operations at CrowdStrike.

Attack Combines Social Engineering and Card Emulation to Execute Real-Time Theft
Hackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Faces Two Counts of Oklahoma Computer Crime Act Violations
The CEO of a small cybersecurity firm is facing two counts of violating Oklahoma's Computer Crimes Act in a case alleging that he walked into an Oklahoma City hospital and installed malware on employee computers. The case echoes other alleged hospital security incidents.