⚠️ If you see a post or DM saying "your account is currently suspended for verification purposes", do NOT click on the link. It is a scam.

Fediverse servers do not ask people to verify their identity. There is an optional self-verification system, but that's just for those who want to use it. No one is ever asked to do it.

If you are in ANY doubt about ANY official-looking message, contact your own server's admin directly using their public email address on your server's website's "About" page.

In August 2020, @SchizoDuckie and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."

In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by @JayeLTee, @masek, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.

Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately.

https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/

Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to @TonyYarusso and @bkoehn for their efforts.

#dataleak #misconfiguration #incidentresponse #incidentmanagement #responsibledisclosure #securityalert #infosec

Cybernews made a post about a "record-breaking data breach", one they created themselves in their head.

They seem to keep updating their post with more information, and it's now a mix of false claims and contradictions.

I called @Scary and we went digging through our logs to show you just how much effort they put into researching for that article and how much of it is overblown.

https://jltee.substack.com/p/fact-checking-claims-by-cybernews

#cybersecurity #infosec #infostealer #cybernews #data #databreach #news

Update: The group leaks stolen FONPER data.

The total amount of stolen data is unknown, but the files include items labeled as payrolls, account statements, notifications, emails, and backups made via OneDrive.

Interestingly, the latter file is dated June 17, 2025.

https://www.security-chu.com/2025/06/ciberataque-al-FONPER-RD.html

#government #databreach #infosec #Cybersecurity

Cyberattack: INC Ransom Publishes Data from the FONPER on the Dark Web - Dominican Republic.

https://www.security-chu.com/2025/06/ciberataque-al-FONPER-RD.html

#government #Cybersecurity #cyberattack #RD #news #noticias #ciberseguridad #ransomware #infosec