shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

251
active users

#dataleak

3 posts3 participants1 post today
Pyrzout :vm:<p>NATO Allegedly Breached – 15 Million Sensitive Military and Strategic Records Leaked Online <a href="https://dailydarkweb.net/nato-allegedly-breached-15-million-sensitive-military-and-strategic-records-leaked-online/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dailydarkweb.net/nato-allegedl</span><span class="invisible">y-breached-15-million-sensitive-military-and-strategic-records-leaked-online/</span></a> <a href="https://social.skynetcloud.site/tags/allegedbreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>allegedbreach</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.skynetcloud.site/tags/DataBreaches" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreaches</span></a> <a href="https://social.skynetcloud.site/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://social.skynetcloud.site/tags/geopolitics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>geopolitics</span></a> <a href="https://social.skynetcloud.site/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://social.skynetcloud.site/tags/military" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>military</span></a> <a href="https://social.skynetcloud.site/tags/NATO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NATO</span></a></p>
Dissent Doe :cupofcoffee:<p>Well, I've had it. The firm responsible for exposed court and prosecution files from at least two states has not responded to phone calls, emails, LinkedIn messages, or contacts by their host. </p><p>On Saturday, I called the FBI tip line and let them know what's going on. Maybe the FBI will call me and ask me for the IP addresses so they can call the firm and tell them to lock down the damned shares. </p><p>Then today, I filed a formal <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FTC</span></a> complaint against the firm for violation of Section 5 of the FTC Act for its inadequate security, its failure to have any procedure to receive, evaluate, and escalate third -party alerts of security issues, and for using the same password in all client installations for a Msql SQL database.</p><p>And oh, last night I learned that a court system in a third state was not only exposed, too, but was hit by ransomware in March. Lovely. </p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FTC</span></a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>govsec</span></a> <a href="https://infosec.exchange/tags/judiciary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>judiciary</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p>
Dissent Doe :cupofcoffee:<p>So as a quick update on the issue of two state courts that we know of exposing sealed records: </p><p>Last night, those of us still trying to figure out who was responsible figured it out -- it is a vendor (third-party) who is responsible for the exposed shares. </p><p>With the researcher's cooperation and input, I sent a detailed email last night to the only email address that vendor has on their website. </p><p>No reply was received, of course. </p><p>So I just called their main number... and started to tell them why I was calling, and they hung up on me.</p><p>😡 </p><p>I just called back. They didn't answer the phone, so I left a VM on their administrative offices' extension. </p><p>If the firm doesn't call me back or lock down those shares today, expect me to say more here tomorrow. </p><p>It is now 1 month since people started trying to get these shares secured. None of us are paid to do this. And getting hung up on should get the company a <a href="https://infosec.exchange/tags/CID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CID</span></a> from the <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FTC</span></a> in a more perfect world -- to ask what their procedures and policies are for receiving a security alert from an external (third) party.</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p>
Dissent Doe :cupofcoffee:<p>So yesterday, I emailed a state court system that appears to be linked to the exposed data I mentioned recently and that the host notified on or about July 28. </p><p>No reply was received.</p><p>Today, I sent a contact form message to the lawyer for a juvenile whose records were sealed. Sealed, except 11 of them were exposed to anyone who can access the data. I told him what was going on and suggested he contact the court and tell them to get the data secured. </p><p>No reply was received.</p><p>Today, I sent an email to the judge who ordered the juvenile's records sealed and I cc:d the district attorney. I gave them the juvenile's name, case number and that I could see all the sealed records. I urged them to have their IT or vendor call me and I could give them the IP address over the phone, etc. </p><p>No reply was received.</p><p>Dear Russia, China, and North Korea:</p><p>You do not need to hack our courts. They are leaking like sieves and do not respond when we try to tell them they need to secure the data.</p><p>Yours in total frustration,</p><p>/Dissent</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/incident_response" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident_response</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/WAKETHEFUCKUP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WAKETHEFUCKUP</span></a></p>
Dissent Doe :cupofcoffee:<p>Correcting this because it looks like this doesn't involve any federal court. But there are exposed sensitive records, some of which were ordered sealed. </p><p>NEW: Federal judiciary says it is boosting security after cyberattack; researcher finds new leaks</p><p>More of those frustrating leaks where, despite our best efforts, we have been unable to get the network shares locked down so far, even with the host's assistance.</p><p>This one involves two courts: and yes, we saw some files that were supposed to be sealed or confidential.</p><p><a href="https://databreaches.net/2025/08/10/federal-judiciary-says-it-is-boosting-security-after-cyberattack-researcher-finds-new-leaks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/08/10/fe</span><span class="invisible">deral-judiciary-says-it-is-boosting-security-after-cyberattack-researcher-finds-new-leaks/</span></a></p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>govsec</span></a></p>
BeyondMachines :verified:<p>TeaOnHer app, rival to the Tea safety app leaks driver's licenses and personal data of 53,000 users</p><p>TeaOnHer, a controversial dating-related app for men, exposed personal data of approximately 53,000 users including driver's licenses, verification selfies, and private communications through critical security vulnerabilities that allow unauthorized access via publicly accessible web addresses without authentication. The breach also exposed the app creator's administrative credentials in plaintext.</p><p>****<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a><br><a href="https://beyondmachines.net/event_details/teaonher-app-rival-to-the-tea-safety-app-leaks-driver-s-licenses-and-personal-data-of-53000-users-1-v-a-q-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/teaonher-app-rival-to-the-tea-safety-app-leaks-driver-s-licenses-and-personal-data-of-53000-users-1-v-a-q-o/gD2P6Ple2L</span></a></p>
Dissent Doe :cupofcoffee:<p>Promises, promises. </p><p>Exclusive: Brosix and Chatox promised to keep your chats secured. They didn’t.</p><p>A researcher found a misconfigured backup with -- yes, you guessed it -- everything in plaintext instead of encrypted. </p><p>Some entities that used the service are medical entities that were actually mentioning protected health information or attaching files with <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHI</span></a> in the chat. </p><p>There were almost 5k Allstate employees using the service and sharing customer <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in files. </p><p>And oh yeah, I found one company gossiping about me and plotting against me after I notified them they were leaking tons of <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHI</span></a>. I've done them a favor by not publishing all their chat logs about me. :) </p><p>There also appeared to be some "dodgy" stuff on the backup, too. </p><p>Read the details about the exposed backup in my post at <a href="https://databreaches.net/2025/08/05/exclusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/08/05/ex</span><span class="invisible">clusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/chatox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chatox</span></a> <a href="https://infosec.exchange/tags/brosix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>brosix</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zackwhittaker</span></a></span></p>
OSTechNix<p>OpenAI Removes ChatGPT Chat Discovery Feature Over Privacy And Data Leak Concerns <a href="https://floss.social/tags/Openai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Openai</span></a> <a href="https://floss.social/tags/Chatgpt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Chatgpt</span></a> <a href="https://floss.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://floss.social/tags/Searchengine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Searchengine</span></a> <a href="https://floss.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://floss.social/tags/Dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dataleak</span></a> <br><a href="https://ostechnix.com/openai-removes-chatgpt-chat-discovery/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ostechnix.com/openai-removes-c</span><span class="invisible">hatgpt-chat-discovery/</span></a></p>
Pyrzout :vm:<p>Secrets are leaking everywhere, and bots are to blame <a href="https://www.helpnetsecurity.com/2025/07/31/enterprise-non-human-identity-risk/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/07/31</span><span class="invisible">/enterprise-non-human-identity-risk/</span></a> <a href="https://social.skynetcloud.site/tags/nonhumanidentities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nonhumanidentities</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/enterprise" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>enterprise</span></a> <a href="https://social.skynetcloud.site/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>report</span></a> <a href="https://social.skynetcloud.site/tags/Entro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Entro</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a></p>
BeyondMachines :verified:<p>DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI models</p><p>A Department of Government Efficiency (DOGE) employee exposed a private xAI API key on GitHub, providing unauthorized access to over 52 large language models. This is very concerning given the employee's extensive access to sensitive systems across multiple government agencies in the USA. This marks the second such xAI key exposure by DOGE personnel in recent months, indicating a pattern of operational security failures that indicate a broken security culture within the organization.</p><p>**Build a culture of not saving API keys, passwords, or any secrets directly into your code. Use environment variables or proper secret management tools instead. If leaking API key becomes a practice, consider stronger discipline and awareness measures, paired with technical scanners to detect secrets in code.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a><br><a href="https://beyondmachines.net/event_details/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L</span></a></p>
Cybernews<p>McHire, McDonald's hiring chatbot platform, was protected by a default "123456" password</p><p>Read more: <a href="https://cnews.link/mcdonalds-mchire-chatbot-data-leak-8/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/mcdonalds-mchire-ch</span><span class="invisible">atbot-data-leak-8/</span></a> <br><a href="https://infosec.exchange/tags/McDonalds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>McDonalds</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/chatbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chatbot</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
Dissent Doe :cupofcoffee:<p>In August 2020, <span class="h-card" translate="no"><a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SchizoDuckie</span></a></span> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."</p><p>In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span>, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.</p><p>Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. </p><p><a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/04/no</span><span class="invisible">-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</span></a></p><p>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <span class="h-card" translate="no"><a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TonyYarusso</span></a></span> and <span class="h-card" translate="no"><a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bkoehn</span></a></span> for their efforts. </p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentmanagement</span></a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityalert</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Morpheus Being<p><a href="https://aus.social/tags/australia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>australia</span></a> <a href="https://aus.social/tags/Qantas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Qantas</span></a> <a href="https://aus.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://aus.social/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hack</span></a> <a href="https://aus.social/tags/MWM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MWM</span></a></p><p><a href="https://michaelwest.com.au/news/legal-risk-on-qantas-radar-as-hack-victims-face-scams/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">michaelwest.com.au/news/legal-</span><span class="invisible">risk-on-qantas-radar-as-hack-victims-face-scams/</span></a></p>
Dissent Doe :cupofcoffee:<p>When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings it created outweighs any benefit one might try to ascribe to it.</p><p>To his credit, <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and a colleague have taken the time to analyze the datasets used in Cybernews‘ reporting and to fact-check their reporting with actual data and proof from their own research. </p><p>He has now written up their findings, in which they identified no less than five significant false claims by Cybernews. You can read his report here:</p><p><a href="https://jltee.substack.com/p/fact-checking-claims-by-cybernews" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/fact-chec</span><span class="invisible">king-claims-by-cybernews</span></a></p><p><a href="https://infosec.exchange/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/infostealers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealers</span></a></p>
Dissent Doe :cupofcoffee:<p>With great thanks to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:</p><p>Bolton Walk-In Clinic patient data leak locked down! </p><p>Read about this very frustrating effort to get exposed patient data locked down:</p><p><a href="https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/30/bo</span><span class="invisible">lton-walk-in-clinic-patient-data-leak-locked-down-finally/</span></a></p><p><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/HIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
nemo™ 🇺🇦<p>Another "record" password leak? 🤔 Turns out the 16B password dump is just recycled data! 🔄 Stay sharp, don’t fall for the hype. Read more here: <a href="https://cyberinsider.com/16-billion-passwords-dump-hyped-as-record-leak-is-just-recycled-data/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberinsider.com/16-billion-pa</span><span class="invisible">sswords-dump-hyped-as-record-leak-is-just-recycled-data/</span></a> <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mas.to/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://mas.to/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
JayeLTee<p>US Forensic Lab was leaking phone data extracts for multiple cases, including ongoing ones.</p><p>Likely the most sensitive data I've found exposed to date, with links to the DOJ in Montana.</p><p>Thanks again to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>PogoWasRight</span></a></span> for helping get the message to the people responsible for this one.</p><p><a href="https://jltee.substack.com/p/forensic-lab-with-links-to-montana-doj-leaks-phone-extracts" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/forensic-</span><span class="invisible">lab-with-links-to-montana-doj-leaks-phone-extracts</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/unitedstates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unitedstates</span></a> <a href="https://infosec.exchange/tags/usa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usa</span></a> <a href="https://infosec.exchange/tags/us" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>us</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leak</span></a> <a href="https://infosec.exchange/tags/evidence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>evidence</span></a> <a href="https://infosec.exchange/tags/phone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phone</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a></p>
Dissent Doe :cupofcoffee:<p>As much as I generally detest claims that something should be a wake-up call, <span class="h-card" translate="no"><a href="https://infosec.exchange/@lawrenceabrams" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lawrenceabrams</span></a></span> response to <span class="h-card" translate="no"><a href="https://infosec.exchange/@cybernews" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cybernews</span></a></span> "16 billion" story really should be a wake-up call for any news outlets who repeat any claims of discovered leaks or breaches by Cybernews. </p><p>See <a href="https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/</span></a></p><p>DataBreaches.net will no longer link to Cybernews unless there is some reliable source that confirms that their claims are accurate and that they are not just reporting on leaks that they haven't even seriously tried to get locked down before they report on it. </p><p>Comments:<br><a href="https://databreaches.net/2025/06/20/no-the-16-billion-credentials-leak-is-not-a-new-data-breach-a-wake-up-call-about-fake-news/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/20/no</span><span class="invisible">-the-16-billion-credentials-leak-is-not-a-new-data-breach-a-wake-up-call-about-fake-news/</span></a></p><p><a href="https://infosec.exchange/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/infostealers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealers</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/hype" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hype</span></a> <a href="https://infosec.exchange/tags/clickbait" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clickbait</span></a> <a href="https://infosec.exchange/tags/ethics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethics</span></a></p><p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@dangoodin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dangoodin</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.green/@gcluley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gcluley</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@brianhonan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brianhonan</span></a></span></p>
Petra van Cronenburg<p>"Cybercriminals now have unprecedented access to personal credentials and could exploit them for account takeovers, identity theft, and targeted phishing attacks. This is fresh, weaponizable intelligence at scale,” researchers said.</p><p><a href="https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cybernews.com/security/billion</span><span class="invisible">s-credentials-exposed-infostealers-data-leak/</span></a></p><p><a href="https://mastodon.online/tags/cyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberSecurity</span></a> <a href="https://mastodon.online/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://mastodon.online/tags/dataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataLeak</span></a> <a href="https://mastodon.online/tags/cyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberCrime</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2178535/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2178535/</span><span class="invisible"></span></a> 16 Milliarden Zugangsdaten: Kein neuer Leak, viele alte Daten <a href="https://pubeurope.com/tags/alt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>alt</span></a> <a href="https://pubeurope.com/tags/Cybernews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybernews</span></a> <a href="https://pubeurope.com/tags/Dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dataleak</span></a> <a href="https://pubeurope.com/tags/deutschland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deutschland</span></a> <a href="https://pubeurope.com/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elasticsearch</span></a> <a href="https://pubeurope.com/tags/germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>germany</span></a> <a href="https://pubeurope.com/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://pubeurope.com/tags/Nachrichten" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nachrichten</span></a> <a href="https://pubeurope.com/tags/Remix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Remix</span></a> <a href="https://pubeurope.com/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>