The Department of Education in Victoria, Australia, notified parents that attackers accessed a database containing the personal information and email addresses of current and former students, prompting password resets. The department disclosed the breach in letters sent to parents, stating that an unauthorized third party accessed students' names, school names, year levels, and school-issued email addresses, as well as encrypted passwords for accounts that use them.
Eurail B.V. has unfortunately experienced a security breach within our systems that resulted in unauthorized access to customer data. Following the discovery, we immediately began work to secure our systems and initiated an investigation with the support of external cybersecurity specialists and legal advisors. We take this matter very seriously and are currently conducting a thorough investigation to determine the full scope of the incident and its potential impact on customers, which includes participants of the European Commission's DiscoverEU action.
The allegedly stolen user data was later posted to shinyhunte[.]rs, alongside a message from a self-described cyber outlaw calling himself "James," who appeared keen to make sure his handiwork didn't go unnoticed. Have I Been Pwned's listing of the incident shows that the breach occurred before law enforcement's October 2025 takedown of the BreachForums domain, and that the leak comprised roughly 324,000 unique email addresses, usernames, and Argon2-hashed passwords, pulled from public posts, private messages, and other forum records.
The Royal Borough of Kensington and Chelsea (RBKC) in Greater London is in the process of contacting households across the borough after establishing in December that personal data on thousands of residents was stolen in a cyber attack on shared systems operated by the council. Over a month after the incident, several services remain disrupted or are operating in a limited capacity.
For residents and patients, the account information included first and last name, Social Security number, date of birth, Medicare number, or medical treatment and condition information. For those individuals who were not residents, personal information involved first and last name, in combination with one or more of the following data element(s): Social Security number, passport number, driver's license or state identity card information, medical information, health insurance information, and online log-in information corresponding with the individual whose email account was compromised.
The crim says the haul spans more than 800 classified raw LiDAR point cloud files in .las format ranging from 100 MB to 2 GB each; full coverage of transmission line corridors and substations, which includes layers for bare earth, vegetation, conductors, and structures; high-resolution orthophotos in .ecw format; MicroStation design files and PTC settings; large vegetation feature files in .xyz format; and other files from active projects.
On Tuesday, the company confirmed it has begun notifying around 22.65 million whose data was stolen during the cyberattack. In a filing with the Texas attorney general, Aflac said that the stolen data includes customer names, dates of birth, home addresses; government-issued ID numbers (such as passports and state ID cards) and driver's license numbers, and Social Security numbers; as well as medical and health insurance information.
Ransomware hacks, data theft, crypto scams and sextortion cover a broad range of cybercrimes carried out by an equally varied list of assailants. But there is also an English-speaking criminal ecosystem carrying out these activities that defies conventional categorisation. Nonetheless, it does have a name: the Com. Short for community, the Com is a loose affiliation of cyber-criminals, largely native English language speakers typically aged from 16 to 25.
