RE: https://infosec.exchange/@douglevin/116771934591550552

I am waiting for a response to a public records request I filed with PA over safe2say PA. They'll likely exempt everything, but we'll see. I will be reporting on some of the sensitive tips involving children.

And yes, there are tips in the dataset involving Canada although I haven't attempted to dive into those. I think it's shameful that entities still haven't been given details on what data of theirs was involved.

#Navigate360 #Crimestoppers #databreach

𝐒𝐢𝐧𝐜𝐞 𝐖𝐡𝐞𝐧 𝐃𝐢𝐝 𝐀𝐬𝐤𝐢𝐧𝐠 𝐟𝐨𝐫 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞 𝐁𝐞𝐜𝐨𝐦𝐞 “𝐃𝐞𝐟𝐞𝐧𝐝𝐢𝐧𝐠 𝐂𝐫𝐢𝐦𝐢𝐧𝐚𝐥𝐬”?

Dissent responded harshly to these accusations, firmly rejecting any insinuation of collusion with criminal groups. The journalist pointed out that every time she asks for evidence to support certain claims, she is labeled “criminal-friendly” or accused of being a mouthpiece for cybercriminals, simply for refusing to uncritically accept statements lacking public verification.

https://www.suspectfile.com/since-when-did-asking-for-evidence-become-defending-criminals/

#Canvas #Data_Breach #Instructure #Navigate360 #Ransom #ShinyHunters

𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞, 𝐓𝐫𝐚𝐧𝐬𝐩𝐚𝐫𝐞𝐧𝐜𝐲, 𝐚𝐧𝐝 𝐈𝐧𝐯𝐢𝐬𝐢𝐛𝐥𝐞 𝐕𝐢𝐜𝐭𝐢𝐦𝐬: 𝐃𝐢𝐬𝐬𝐞𝐧𝐭 𝐑𝐞𝐬𝐩𝐨𝐧𝐝𝐬 𝐭𝐨 𝐭𝐡𝐞 𝐈𝐧𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐂𝐚𝐬𝐞

A recent article published by DataBreaches.net by journalist Dissent addresses one of the most controversial issues in modern cybersecurity: the payment of ransoms following a cyberattack and the consequences such decisions can have not only on the companies involved, but also on the individuals whose data has been compromised.

https://www.suspectfile.com/ransomware-transparency-and-invisible-victims-dissent-responds-to-the-instructure-case/

#Canvas #Data_Breach #Instructure #Navigate360 #Ransom #Ransomware #ShinyHunters

Senators Probe Navigate360 Over Hacked Student Data

Senators Maggie Hassan and Jim Banks are demanding answers from Navigate360 after a cyberattack compromised its anonymous tip line, putting the sensitive data of students, staff, and schools at risk. The breach allegedly exposed 93 gigabytes of data, sparking concerns over the safety and security of those who rely on the company's…

https://osintsights.com/senators-probe-navigate360-over-hacked-student-data?utm_source=mastodon&utm_medium=social

#StudentDataBreach #Navigate360 #P3GlobalIntel #EmergingThreats #EducationSector

NEW by me:

BlueLeaks 2.0: 7,300+ Schools, Referral Systems Reported, and a Breach Navigate360 Still Hasn’t Publicly Confirmed

P3's parent firm responded to me, but only to say they are quite concerned about my reporting data on their breach. They are concerned that partial or incomplete data without context, etc., might upset folks downstream. That would be the same folks they haven't addressed at all, I guess.

My post, with newly reported data (thanks to the incredibly patient and diligent @JayeLTee's help) and my response to #Navigate360:

https://databreaches.net/2026/04/22/blueleaks-2-0-7300-schools-referral-systems-reported-and-a-breach-navigate360-still-hasnt-publicly-confirmed/

Previous coverage by me about this breach that has compromised what were supposed to be anonymous and SECURE tips from and about students:

https://databreaches.net/2026/04/16/p3-advertised-20-years-and-0-security-breaches-you-can-guess-what-happened-next/

#databreach #transparency #incidentresponse #infosec #cybersecurity #P3Tips

@zackwhittaker @jgreig @dangoodin @mkeierleber @ddosecrets

NEW: My post on the student/k-12 tips exposed in "BlueLeaks 2.0" is now up.

P3 Campus and its partner programs like Safe2Say Something PA, Safe2Tell, and Sandy Hook Promise were supposed to provide secure and anonymous ability to report tips.

Promises of security and anonymity do not appear to have been kept. A hacker claims it was easy to gain access and repeatedly access the database to acquire more than 8 million tips.

There is not much anonymous about what I reviewed in the dataset.

Many of the school-related tips I reviewed reported concerns over named students with suicidal ideation or cutting, students being bullied or bullying others, and drugs (mostly vaping) in school. Some students reported cybercriminal activity.

Navigate360, the parent company of P3, still hasn't publicly acknowledged that it was breached and that sensitive information was involved. Their lack of transparency was noted by @douglevin

The dataset has not been leaked publicly, but the "Internet Yiff Machine" who provided it to #ddosecrets and https://infosec.exchange/@mikaelthalen@mastodon.social -- and then to me -- has listed it for sale.

My focus in this post was on the student/school -related tips, but the 93.51 GB dataset has millions of tips that include adult issues and crimes, including drugs, homicide, assaults, etc. I provide one or two examples from the non-student tips to illustrate how sensitive the tips are in this dataset.

This may be the worst breach I've ever seen involving sensitive student information, and I've seen many student-related data breaches over the past two decades.

Read: "P3 Advertised 20+ Years and 0 Security Breaches. You Can Guess What Happened Next.'" at https://databreaches.net/2026/04/16/p3-advertised-20-years-and-0-security-breaches-you-can-guess-what-happened-next/

#BlueLeaks2 #DDoSecrets #databreach #P3Campus #P3Tips #Navigate360 #CrimeStoppers #Safety #Safe2tell #InternetYiffMachine

@zackwhittaker @campuscodi @jgreig @euroinfosec @funnymonkey @mkeierleber @JayeLTee