home.social

#cl0p — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #cl0p, aggregated by home.social.

  1. 📰 UK Water Company Fined £1M After Cl0p Lurked on Network for 20 Months Undetected

    💸 UK water company fined nearly £1M by ICO after a major breach by Cl0p ransomware. Attackers were undetected on the network for 20 MONTHS, exfiltrating 4.1TB of data. A case study in failed security fundamentals. #DataBreach #Ransomware #Cl0p #ICO

    🔗 cyber.netsecops.io

  2. 📰 UK Water Company Fined £1M After Cl0p Lurked on Network for 20 Months Undetected

    💸 UK water company fined nearly £1M by ICO after a major breach by Cl0p ransomware. Attackers were undetected on the network for 20 MONTHS, exfiltrating 4.1TB of data. A case study in failed security fundamentals. #DataBreach #Ransomware #Cl0p #ICO

    🔗 cyber.netsecops.io

  3. Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains

    Cyber threats targeting the global aviation and aerospace sector are rapidly evolving, with ransomware, identity-based intrusions, and platform-level disruptions becoming dominant attack vectors. The interconnected nature of this ecosystem, combined with time-sensitive operations and complex third-party dependencies, makes it highly attractive to threat actors. Shared airport IT platforms represent critical single points of failure, as demonstrated by the September 2025 ransomware attack on Collins Aerospace MUSE system that disrupted major European airports including Heathrow, Brussels, Berlin, and Dublin. Major ransomware groups like LockBit and Cl0p maintain heavy focus on aviation suppliers, while advanced persistent threat groups including Refined Kitten, Wicked Panda, and Fancy Bear conduct strategic espionage targeting intellectual property, aircraft design data, and military aviation intelligence. Emerging threats include vulnerabilities in regional airports, aviation SaaS platforms, and satellite ...

    Pulse ID: 69fb173ad966425db9cad018
    Pulse Link: otx.alienvault.com/pulse/69fb1
    Pulse Author: AlienVault
    Created: 2026-05-06 10:26:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cl0p #CyberSecurity #Espionage #Europe #Extortion #InfoSec #LockBit #Military #OTX #OpenThreatExchange #RAT #RansomWare #SupplyChain #bot #AlienVault

  4. Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains

    Cyber threats targeting the global aviation and aerospace sector are rapidly evolving, with ransomware, identity-based intrusions, and platform-level disruptions becoming dominant attack vectors. The interconnected nature of this ecosystem, combined with time-sensitive operations and complex third-party dependencies, makes it highly attractive to threat actors. Shared airport IT platforms represent critical single points of failure, as demonstrated by the September 2025 ransomware attack on Collins Aerospace MUSE system that disrupted major European airports including Heathrow, Brussels, Berlin, and Dublin. Major ransomware groups like LockBit and Cl0p maintain heavy focus on aviation suppliers, while advanced persistent threat groups including Refined Kitten, Wicked Panda, and Fancy Bear conduct strategic espionage targeting intellectual property, aircraft design data, and military aviation intelligence. Emerging threats include vulnerabilities in regional airports, aviation SaaS platforms, and satellite ...

    Pulse ID: 69fb173ad966425db9cad018
    Pulse Link: otx.alienvault.com/pulse/69fb1
    Pulse Author: AlienVault
    Created: 2026-05-06 10:26:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cl0p #CyberSecurity #Espionage #Europe #Extortion #InfoSec #LockBit #Military #OTX #OpenThreatExchange #RAT #RansomWare #SupplyChain #bot #AlienVault

  5. Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains

    Cyber threats targeting the global aviation and aerospace sector are rapidly evolving, with ransomware, identity-based intrusions, and platform-level disruptions becoming dominant attack vectors. The interconnected nature of this ecosystem, combined with time-sensitive operations and complex third-party dependencies, makes it highly attractive to threat actors. Shared airport IT platforms represent critical single points of failure, as demonstrated by the September 2025 ransomware attack on Collins Aerospace MUSE system that disrupted major European airports including Heathrow, Brussels, Berlin, and Dublin. Major ransomware groups like LockBit and Cl0p maintain heavy focus on aviation suppliers, while advanced persistent threat groups including Refined Kitten, Wicked Panda, and Fancy Bear conduct strategic espionage targeting intellectual property, aircraft design data, and military aviation intelligence. Emerging threats include vulnerabilities in regional airports, aviation SaaS platforms, and satellite ...

    Pulse ID: 69fb173ad966425db9cad018
    Pulse Link: otx.alienvault.com/pulse/69fb1
    Pulse Author: AlienVault
    Created: 2026-05-06 10:26:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cl0p #CyberSecurity #Espionage #Europe #Extortion #InfoSec #LockBit #Military #OTX #OpenThreatExchange #RAT #RansomWare #SupplyChain #bot #AlienVault

  6. Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains

    Cyber threats targeting the global aviation and aerospace sector are rapidly evolving, with ransomware, identity-based intrusions, and platform-level disruptions becoming dominant attack vectors. The interconnected nature of this ecosystem, combined with time-sensitive operations and complex third-party dependencies, makes it highly attractive to threat actors. Shared airport IT platforms represent critical single points of failure, as demonstrated by the September 2025 ransomware attack on Collins Aerospace MUSE system that disrupted major European airports including Heathrow, Brussels, Berlin, and Dublin. Major ransomware groups like LockBit and Cl0p maintain heavy focus on aviation suppliers, while advanced persistent threat groups including Refined Kitten, Wicked Panda, and Fancy Bear conduct strategic espionage targeting intellectual property, aircraft design data, and military aviation intelligence. Emerging threats include vulnerabilities in regional airports, aviation SaaS platforms, and satellite ...

    Pulse ID: 69fb173ad966425db9cad018
    Pulse Link: otx.alienvault.com/pulse/69fb1
    Pulse Author: AlienVault
    Created: 2026-05-06 10:26:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cl0p #CyberSecurity #Espionage #Europe #Extortion #InfoSec #LockBit #Military #OTX #OpenThreatExchange #RAT #RansomWare #SupplyChain #bot #AlienVault

  7. Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains

    Cyber threats targeting the global aviation and aerospace sector are rapidly evolving, with ransomware, identity-based intrusions, and platform-level disruptions becoming dominant attack vectors. The interconnected nature of this ecosystem, combined with time-sensitive operations and complex third-party dependencies, makes it highly attractive to threat actors. Shared airport IT platforms represent critical single points of failure, as demonstrated by the September 2025 ransomware attack on Collins Aerospace MUSE system that disrupted major European airports including Heathrow, Brussels, Berlin, and Dublin. Major ransomware groups like LockBit and Cl0p maintain heavy focus on aviation suppliers, while advanced persistent threat groups including Refined Kitten, Wicked Panda, and Fancy Bear conduct strategic espionage targeting intellectual property, aircraft design data, and military aviation intelligence. Emerging threats include vulnerabilities in regional airports, aviation SaaS platforms, and satellite ...

    Pulse ID: 69fb173ad966425db9cad018
    Pulse Link: otx.alienvault.com/pulse/69fb1
    Pulse Author: AlienVault
    Created: 2026-05-06 10:26:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Cl0p #CyberSecurity #Espionage #Europe #Extortion #InfoSec #LockBit #Military #OTX #OpenThreatExchange #RAT #RansomWare #SupplyChain #bot #AlienVault

  8. #CheckPoint researchers assessed three most significant financial-sector trends in 2025. #DDoS attacks surged 105%, data breaches and leaks rose 73%, and #ransomware incidents reached 451 cases with aggressive multi-extortion tactics. #Hacktivists drove DDoS attacks, and ransomware groups like #Qilin, #Akira, and #Cl0p scaled operations via shared tooling and third-party access.

    blog.checkpoint.com/research/t

  9. #CheckPoint researchers assessed three most significant financial-sector trends in 2025. #DDoS attacks surged 105%, data breaches and leaks rose 73%, and #ransomware incidents reached 451 cases with aggressive multi-extortion tactics. #Hacktivists drove DDoS attacks, and ransomware groups like #Qilin, #Akira, and #Cl0p scaled operations via shared tooling and third-party access.

    blog.checkpoint.com/research/t

  10. #CheckPoint researchers assessed three most significant financial-sector trends in 2025. #DDoS attacks surged 105%, data breaches and leaks rose 73%, and #ransomware incidents reached 451 cases with aggressive multi-extortion tactics. #Hacktivists drove DDoS attacks, and ransomware groups like #Qilin, #Akira, and #Cl0p scaled operations via shared tooling and third-party access.

    blog.checkpoint.com/research/t

  11. #CheckPoint researchers assessed three most significant financial-sector trends in 2025. #DDoS attacks surged 105%, data breaches and leaks rose 73%, and #ransomware incidents reached 451 cases with aggressive multi-extortion tactics. #Hacktivists drove DDoS attacks, and ransomware groups like #Qilin, #Akira, and #Cl0p scaled operations via shared tooling and third-party access.

    blog.checkpoint.com/research/t

  12. Food and Ag-ISAC reports 82% surge in ransomware attacks as Qilin, Akira and CL0P lead campaigns against sector

    New data from the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) shows ra…
    #dining #cooking #diet #food #Food #Akira #Cl0p #DDoS #FoodandAg-ISAC #foodandagriculture #Lynx #play #Qilin #ransomwareattacks
    diningandcooking.com/2510429/f

  13. Food and Ag-ISAC reports 82% surge in ransomware attacks as Qilin, Akira and CL0P lead campaigns against sector

    New data from the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) shows ra…
    #dining #cooking #diet #food #Food #Akira #Cl0p #DDoS #FoodandAg-ISAC #foodandagriculture #Lynx #play #Qilin #ransomwareattacks
    diningandcooking.com/2510429/f

  14. Food and Ag-ISAC reports 82% surge in ransomware attacks as Qilin, Akira and CL0P lead campaigns against sector

    New data from the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) shows ra…
    #dining #cooking #diet #food #Food #Akira #Cl0p #DDoS #FoodandAg-ISAC #foodandagriculture #Lynx #play #Qilin #ransomwareattacks
    diningandcooking.com/2510429/f

  15. 🚨 nuova rivendicazione #ransomware Italia 🚨 🏴‍☠️ gruppo #CL0P^_ 🧬 Labinf SRL | Santhià (VC) 🎯 settore: IT 🔗 labinf.it 🗓️ 05 febbraio 2026 📄 sample: - ▪️ dati esfiltrati dichiarati: - ▪️ dati esfiltrati pubblicati: - ⏲️ scadenza: - #ransomNews #cybersecurity #cyberthreats

  16. CW: NSFW

    @darkwebsonar @kkarhan that's a different thing.

    - #cl0p is not #clop!

    @defilerzero does the latter…

  17. CW: NSFW

    @darkwebsonar @kkarhan that's a different thing.

    - #cl0p is not #clop!

    @defilerzero does the latter…

  18. CW: NSFW

    @darkwebsonar @kkarhan that's a different thing.

    - #cl0p is not #clop!

    @defilerzero does the latter…

  19. CW: NSFW

    @darkwebsonar @kkarhan that's a different thing.

    - #cl0p is not #clop!

    @defilerzero does the latter…

  20. CW: NSFW

    @darkwebsonar @kkarhan that's a different thing.

    - #cl0p is not #clop!

    @defilerzero does the latter…

  21. Cl0p - or Clop, depending on you talk to - is back targeting Australian companies again with cyber extortion attempts, though at this stage it may all be a bluff.

    #cybersecurity #cl0p #cl0p #cybercrime

    cyberdaily.au/security/13172-e

  22. Cl0p - or Clop, depending on you talk to - is back targeting Australian companies again with cyber extortion attempts, though at this stage it may all be a bluff.

    #cybersecurity #cl0p #cl0p #cybercrime

    cyberdaily.au/security/13172-e

  23. Cl0p - or Clop, depending on you talk to - is back targeting Australian companies again with cyber extortion attempts, though at this stage it may all be a bluff.

    #cybersecurity #cl0p #cl0p #cybercrime

    cyberdaily.au/security/13172-e

  24. Cl0p - or Clop, depending on you talk to - is back targeting Australian companies again with cyber extortion attempts, though at this stage it may all be a bluff.

    #cybersecurity #cl0p #cl0p #cybercrime

    cyberdaily.au/security/13172-e

  25. Cl0p - or Clop, depending on you talk to - is back targeting Australian companies again with cyber extortion attempts, though at this stage it may all be a bluff.

    #cybersecurity #cl0p #cl0p #cybercrime

    cyberdaily.au/security/13172-e

  26. 🚨 nuova rivendicazione #ransomware Italia 🚨 🏴‍☠️ gruppo #CL0P^_ 🧬 Augustea Holding SPA | Milano 🎯 settore: trasporto marittimo 🔗 augustea.com 🗓️ 30 gennaio 2026 📄 sample: - ▪️ dati esfiltrati dichiarati: - ▪️ dati esfiltrati pubblicati: - ⏲️ scadenza: - #ransomNews #cybersecurity #cyberthreats

  27. So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.

    Nice techdirt article and template for those perhaps looking to do the same techdirt.com/2026/01/07/dear-h

    Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they're found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.

    (first detection I am aware of was at 2026-01-25 15:14:45 UTC)

    infosec.exchange/@ransomwatch/

    However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)

    (you can point your TOR enabled browser of choice to santat7kpllt6iyvqbr7q4amdv6dzr for any updates - the attached screenshot is from there)

    What that means is that for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)

    Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.

    Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.

    (Of note as well is that the GDPR 72-hour notifications window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)

    If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.

    dlapiperdataprotection.com/?t=

    Additionally - if you have the time (and patience) to deal with someone on the phone - this is is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.

    hilton.com/en/help-center/glob

    You may also want to reach out via any of the emails listed in the techdirt article above

    This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.

    Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:

    • Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
    • Can you confirm that this breach notification is legitimate?
    • Do you have an idea of what data was allegedly stolen, how much and when?
      • Has the vulnerability that led to this alleged breach been identified and remediated?
    • Is there any personally identifiable information (PII) included in the corpus?
    • Is my PII included in that corpus?
    • Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?

    #hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware

  28. So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.

    Nice techdirt article and template for those perhaps looking to do the same techdirt.com/2026/01/07/dear-h

    Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they're found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.

    (first detection I am aware of was at 2026-01-25 15:14:45 UTC)

    infosec.exchange/@ransomwatch/

    However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)

    (you can point your TOR enabled browser of choice to santat7kpllt6iyvqbr7q4amdv6dzr for any updates - the attached screenshot is from there)

    What that means is that for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)

    Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.

    Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.

    (Of note as well is that the GDPR 72-hour notifications window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)

    If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.

    dlapiperdataprotection.com/?t=

    Additionally - if you have the time (and patience) to deal with someone on the phone - this is is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.

    hilton.com/en/help-center/glob

    You may also want to reach out via any of the emails listed in the techdirt article above

    This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.

    Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:

    • Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
    • Can you confirm that this breach notification is legitimate?
    • Do you have an idea of what data was allegedly stolen, how much and when?
      • Has the vulnerability that led to this alleged breach been identified and remediated?
    • Is there any personally identifiable information (PII) included in the corpus?
    • Is my PII included in that corpus?
    • Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?

    #hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware

  29. So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.

    Nice techdirt article and template for those perhaps looking to do the same techdirt.com/2026/01/07/dear-h

    Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they're found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.

    (first detection I am aware of was at 2026-01-25 15:14:45 UTC)

    infosec.exchange/@ransomwatch/

    However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)

    (you can point your TOR enabled browser of choice to santat7kpllt6iyvqbr7q4amdv6dzr for any updates - the attached screenshot is from there)

    What that means is that for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)

    Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.

    Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.

    (Of note as well is that the GDPR 72-hour notifications window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)

    If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.

    dlapiperdataprotection.com/?t=

    Additionally - if you have the time (and patience) to deal with someone on the phone - this is is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.

    hilton.com/en/help-center/glob

    You may also want to reach out via any of the emails listed in the techdirt article above

    This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.

    Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:

    • Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
    • Can you confirm that this breach notification is legitimate?
    • Do you have an idea of what data was allegedly stolen, how much and when?
      • Has the vulnerability that led to this alleged breach been identified and remediated?
    • Is there any personally identifiable information (PII) included in the corpus?
    • Is my PII included in that corpus?
    • Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?

    #hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware

  30. So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.

    Nice techdirt article and template for those perhaps looking to do the same techdirt.com/2026/01/07/dear-h

    Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they're found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.

    (first detection I am aware of was at 2026-01-25 15:14:45 UTC)

    infosec.exchange/@ransomwatch/

    However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)

    (you can point your TOR enabled browser of choice to santat7kpllt6iyvqbr7q4amdv6dzr for any updates - the attached screenshot is from there)

    What that means is that for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)

    Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.

    Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.

    (Of note as well is that the GDPR 72-hour notifications window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)

    If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.

    dlapiperdataprotection.com/?t=

    Additionally - if you have the time (and patience) to deal with someone on the phone - this is is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.

    hilton.com/en/help-center/glob

    You may also want to reach out via any of the emails listed in the techdirt article above

    This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.

    Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:

    • Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
    • Can you confirm that this breach notification is legitimate?
    • Do you have an idea of what data was allegedly stolen, how much and when?
      • Has the vulnerability that led to this alleged breach been identified and remediated?
    • Is there any personally identifiable information (PII) included in the corpus?
    • Is my PII included in that corpus?
    • Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?

    #hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware

  31. So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.

    Nice techdirt article and template for those perhaps looking to do the same techdirt.com/2026/01/07/dear-h

    Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they're found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.

    (first detection I am aware of was at 2026-01-25 15:14:45 UTC)

    infosec.exchange/@ransomwatch/

    However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)

    (you can point your TOR enabled browser of choice to santat7kpllt6iyvqbr7q4amdv6dzr for any updates - the attached screenshot is from there)

    What that means is that for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)

    Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.

    Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.

    (Of note as well is that the GDPR 72-hour notifications window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)

    If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.

    dlapiperdataprotection.com/?t=

    Additionally - if you have the time (and patience) to deal with someone on the phone - this is is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.

    hilton.com/en/help-center/glob

    You may also want to reach out via any of the emails listed in the techdirt article above

    This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.

    Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:

    • Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
    • Can you confirm that this breach notification is legitimate?
    • Do you have an idea of what data was allegedly stolen, how much and when?
      • Has the vulnerability that led to this alleged breach been identified and remediated?
    • Is there any personally identifiable information (PII) included in the corpus?
    • Is my PII included in that corpus?
    • Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?

    #hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware

  32. 🚨 nuova rivendicazione #ransomware Italia 🚨 🏴☠️ gruppo #CL0P^_ 🧬 Restart SRL | Genova 🎯 settore: telecomunicazioni 🔗 rstrt.it 🗓️ 23 gennaio 2026 📄 sample: - ▪️ dati esfiltrati dichiarati: - ▪️ dati esfiltrati pubblicati: - ⏲️ scadenza: - #ransomNews #cybersecurity #cyberthreats

  33. 🚨 nuova rivendicazione #ransomware Italia 🚨 🏴☠️ gruppo #CL0P 🧬 Mutti SPA | Montechiarugolo (PR) 🎯 settore: alimentare 🔗 mutti-parma.com 🗓️ 08 gennaio 2026 📄 sample: - ▪️ dati esfiltrati dichiarati: - ▪️ dati esfiltrati pubblicati: - ⏲️ scadenza: - #ransomNews #cybersecurity #cyberthreats

  34. Korean Air confirms 30,000 of its employee records have been stolen after the Cl0p ransomware gang leaked the data online, following exploitation of an Oracle EBS vulnerability.

    Read: hackread.com/30000-korean-air-

    #CyberSecurity #DataBreach #Cl0p #KoreanAir #OracleEBS #InfoSec

  35. Korean Air confirms 30,000 of its employee records have been stolen after the Cl0p ransomware gang leaked the data online, following exploitation of an Oracle EBS vulnerability.

    Read: hackread.com/30000-korean-air-

  36. Korean Air confirms 30,000 of its employee records have been stolen after the Cl0p ransomware gang leaked the data online, following exploitation of an Oracle EBS vulnerability.

    Read: hackread.com/30000-korean-air-

    #CyberSecurity #DataBreach #Cl0p #KoreanAir #OracleEBS #InfoSec

  37. Korean Air confirms 30,000 of its employee records have been stolen after the Cl0p ransomware gang leaked the data online, following exploitation of an Oracle EBS vulnerability.

    Read: hackread.com/30000-korean-air-

    #CyberSecurity #DataBreach #Cl0p #KoreanAir #OracleEBS #InfoSec