'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
In a plot twist that sounds suspiciously like the opening act of a tech-noir film, a federal judge has ordered OpenAI to preserve all user chat logs, including the ones you thought you deleted and mentally erased after oversharing a bit too much in a "temporary" chat. Yes, those chats. The ones where you dropped snippets of proprietary code, brainstormed with sensitive client info, or asked GPT to rewrite your performance review like Shakespeare with a grudge.
Now, these chats must be stored. Forever. Even though OpenAI’s privacy policy basically promised users they could “delete chats anytime.” Apparently, that policy now comes with an invisible asterisk that says: unless a federal judge has other ideas.
Naturally, this raises the sort of tiny concerns like massive GDPR violations, breaches of user consent, and the philosophical question of whether a deleted chat was ever really deleted at all. So, if your company jumped on the “AI-powered workplace” bandwagon and forgot to read the terms and conditions (spoiler: everyone did), it might be time for a little data hygiene, or at least a GDPR lawyer on speed dial.
Meanwhile, in what reads like a rejected Mission: Impossible script, a shadowy hacktivist group called Predatory Sparrow, which may or may not be backed by Mossad, depending on which cyber-gossip you trust, has declared digital jihad on Iran’s financial systems.
They publicly announced their attack on Bank Sepah (subtlety clearly not their forte), accusing it of violating sanctions and funding everything from nuclear programs to regional chaos. The result? ATMs shut down, branches closed, and Iran pulled the plug on its entire internet infrastructure like a parent yanking the Wi-Fi because their kid won’t stop playing Fortnite.
Before the lights went out, Predatory Sparrow also hit Nobitex, Iran’s biggest crypto exchange. Not content with a mere takedown, they dumped the source code to Telegram and reportedly absconded with over $90 million in cryptocurrency, only to yeet the funds into random, inaccessible wallets like some kind of blockchain Banksy.
Let that sink in: the largest burn of stolen crypto in history, and it was accompanied by a Telegram drop and some anonymous political sass. Somewhere, North Korean hackers are quietly slow-clapping.
And finally, the mainstream media is hyperventilating over the claim that 16 billion passwords have been leaked. Again. For what feels like the 14th time this decade. Let’s all take a deep breath.
Yes, the number sounds terrifying. No, it’s not a fresh breach of biblical proportions. What we’re looking at here is another charming casserole of ULPs (Username-Login-Passwords) scraped from years of stealer logs, data breaches, shady dark web forums, and malware-infected machines. Think of it like the cybersecurity version of a garage sale, some of it is junk, some of it’s already been leaked, and a tiny bit might still be valuable (to someone using the same Netflix password since 2012).
If you’re using the same login for your gym, your bank, and your “totally anonymous” fan fiction forum, maybe consider mixing it up. Otherwise, don’t panic. Just update your passwords, use a password manager, and try not to yell “THE SKY IS FALLING” every time someone finds a dusty old credential dump online.
TL;DR:
- Your "temporary" ChatGPT chats might outlive you.
- Mossad’s favourite sparrows have expensive taste in crypto.
- And unless your password is still “letmein” or “iloveyou,” you’re probably fine.
Sleep tight, digital citizens. The internet’s got jokes, and lawsuits.
Scan Any Domain for Free https://breachaware.com/scan
https://breachaware.com/research/crypto-kidnappings-dragonforce-ransomware-and-global-privacy-shakeups
A total of 22 breach events were found and analysed resulting in 6,199,513 exposed accounts containing a total of 39 different data types of personal datum. The breaches found publicly and freely available included ULP Alien TxT File - Episode 15, ULP 0022, Stealer Log 0529, Stealer Log 0530 and National Centre for Disaster Risk Assessment, Prevention, and Reduction - Peru.
Dark Web Cracks, Student Hacker Falls, and BreachForums Rises Again.
https://breachaware.com/research/dark-web-cracks-student-hacker-falls-and-breachforums-rises-again
A total of 16 breach events were found and analysed resulting in 1,917,577 exposed accounts containing a total of 28 different data types of personal datum. The breaches found publicly and freely available included ULP 0023, Stealer Log 0531, Aire de Fiesta, Brazilian Consumer Database and Silver Falls Capital.
Bidencash Seized, Brutecat’s Google Hack, Wazuh Exploited.
https://breachaware.com/research/bidencash-seized-brutecats-google-hack-wazuh-exploited
A total of 17 breach events were found and analysed resulting in 6,296,420 exposed accounts containing a total of 26 different data types of personal datum. The breaches found publicly and freely available included ULP 0025, ULP Alien TxT File - Episode 16, Instituto Nacional de Transporte Terrestre (INTT), Infusion Mobile and Epsilor.
Trickbot Kingpin Doxxed, Google Outage, BreachForums Sold.
https://breachaware.com/research/trickbot-kingpin-doxxed-google-outage-breachforums-sold
A total of 24 breach events were found and analysed resulting in 5,426,979 exposed accounts containing a total of 34 different data types of personal datum. The breaches found publicly and freely available included Darty, Stealer Log 0533, Shadow, Stealer Log 0532 and EloBuddy.
Dark Web Crackdowns, CVE Wave, Global Privacy Tensions Rise.
https://breachaware.com/research/dark-web-crackdowns-cve-wave-global-privacy-tensions-rise
A total of 12 breach events were found and analysed resulting in 14,927,673 exposed accounts containing a total of 33 different data types of personal datum. The breaches found publicly and freely available included Alien TxT File - Episode 17, Cetdigit, ULP 0026, Stealer Log 0534 and CarderPro.
Now, these chats must be stored. Forever. Even though OpenAI’s privacy policy basically promised users they could “delete chats anytime.” Apparently, that policy now comes with an invisible asterisk that says: unless a federal judge has other ideas.
Naturally, this raises the sort of tiny concerns like massive GDPR violations, breaches of user consent, and the philosophical question of whether a deleted chat was ever really deleted at all. So, if your company jumped on the “AI-powered workplace” bandwagon and forgot to read the terms and conditions (spoiler: everyone did), it might be time for a little data hygiene, or at least a GDPR lawyer on speed dial.
Meanwhile, in what reads like a rejected Mission: Impossible script, a shadowy hacktivist group called Predatory Sparrow, which may or may not be backed by Mossad, depending on which cyber-gossip you trust, has declared digital jihad on Iran’s financial systems.
They publicly announced their attack on Bank Sepah (subtlety clearly not their forte), accusing it of violating sanctions and funding everything from nuclear programs to regional chaos. The result? ATMs shut down, branches closed, and Iran pulled the plug on its entire internet infrastructure like a parent yanking the Wi-Fi because their kid won’t stop playing Fortnite.
Before the lights went out, Predatory Sparrow also hit Nobitex, Iran’s biggest crypto exchange. Not content with a mere takedown, they dumped the source code to Telegram and reportedly absconded with over $90 million in cryptocurrency, only to yeet the funds into random, inaccessible wallets like some kind of blockchain Banksy.
Let that sink in: the largest burn of stolen crypto in history, and it was accompanied by a Telegram drop and some anonymous political sass. Somewhere, North Korean hackers are quietly slow-clapping.
And finally, the mainstream media is hyperventilating over the claim that 16 billion passwords have been leaked. Again. For what feels like the 14th time this decade. Let’s all take a deep breath.
Yes, the number sounds terrifying. No, it’s not a fresh breach of biblical proportions. What we’re looking at here is another charming casserole of ULPs (Username-Login-Passwords) scraped from years of stealer logs, data breaches, shady dark web forums, and malware-infected machines. Think of it like the cybersecurity version of a garage sale, some of it is junk, some of it’s already been leaked, and a tiny bit might still be valuable (to someone using the same Netflix password since 2012).
If you’re using the same login for your gym, your bank, and your “totally anonymous” fan fiction forum, maybe consider mixing it up. Otherwise, don’t panic. Just update your passwords, use a password manager, and try not to yell “THE SKY IS FALLING” every time someone finds a dusty old credential dump online.
TL;DR:
- Your "temporary" ChatGPT chats might outlive you.
- Mossad’s favourite sparrows have expensive taste in crypto.
- And unless your password is still “letmein” or “iloveyou,” you’re probably fine.
Sleep tight, digital citizens. The internet’s got jokes, and lawsuits.
Scan Any Domain for Free https://breachaware.com/scan
This months cyber spotlight, vulnerability chat & privacy headlines.
Crypto Kidnappings, DragonForce Ransomware, and Global Privacy Shakeups.https://breachaware.com/research/crypto-kidnappings-dragonforce-ransomware-and-global-privacy-shakeups
A total of 22 breach events were found and analysed resulting in 6,199,513 exposed accounts containing a total of 39 different data types of personal datum. The breaches found publicly and freely available included ULP Alien TxT File - Episode 15, ULP 0022, Stealer Log 0529, Stealer Log 0530 and National Centre for Disaster Risk Assessment, Prevention, and Reduction - Peru.
Dark Web Cracks, Student Hacker Falls, and BreachForums Rises Again.
https://breachaware.com/research/dark-web-cracks-student-hacker-falls-and-breachforums-rises-again
A total of 16 breach events were found and analysed resulting in 1,917,577 exposed accounts containing a total of 28 different data types of personal datum. The breaches found publicly and freely available included ULP 0023, Stealer Log 0531, Aire de Fiesta, Brazilian Consumer Database and Silver Falls Capital.
Bidencash Seized, Brutecat’s Google Hack, Wazuh Exploited.
https://breachaware.com/research/bidencash-seized-brutecats-google-hack-wazuh-exploited
A total of 17 breach events were found and analysed resulting in 6,296,420 exposed accounts containing a total of 26 different data types of personal datum. The breaches found publicly and freely available included ULP 0025, ULP Alien TxT File - Episode 16, Instituto Nacional de Transporte Terrestre (INTT), Infusion Mobile and Epsilor.
Trickbot Kingpin Doxxed, Google Outage, BreachForums Sold.
https://breachaware.com/research/trickbot-kingpin-doxxed-google-outage-breachforums-sold
A total of 24 breach events were found and analysed resulting in 5,426,979 exposed accounts containing a total of 34 different data types of personal datum. The breaches found publicly and freely available included Darty, Stealer Log 0533, Shadow, Stealer Log 0532 and EloBuddy.
Dark Web Crackdowns, CVE Wave, Global Privacy Tensions Rise.
https://breachaware.com/research/dark-web-crackdowns-cve-wave-global-privacy-tensions-rise
A total of 12 breach events were found and analysed resulting in 14,927,673 exposed accounts containing a total of 33 different data types of personal datum. The breaches found publicly and freely available included Alien TxT File - Episode 17, Cetdigit, ULP 0026, Stealer Log 0534 and CarderPro.
