Undisclosed U.S. government agency (reported as “Department of Government Efficiency”)
May 8, 2025
•[ infostealer, malware, credential leak ]
Ars Technica reports a government software engineers workstation was infected with info-stealing malware, with login credentials appearing in multiple stealer-log dumps since 2023; investigation centers on credential exposure rather than confirmed enterprise compromise.
Santeda International B.V.
May 1, 2025
•[ data breach, credential leak, unencrypted data ]
Investigators reported a data breach affecting MyStake, a Curaao-licensed online casino operated by Santeda International B.V., tracing the exposure back to approximately May 2025. A PDF containing login credentials for 540 MyStake accounts was shared online, and specialists reportedly confirmed they could log into most accounts listed, indicating passwords were still valid long after the leak became known. Once logged in, auditors said they could view sensitive player details stored without encryption, including names, home addresses, phone numbers, dates of birth, and detailed transaction histories. Reporting alleged that users were not notified for more than eight months and that MyStake did not enforce password resets or suspend compromised accounts during that period, increasing risk of account takeover, fraud, and identity misuse.
Pearson plc
January 1, 2025
•[ data leak, source code leak, credential leak ]
Threat actors used an exposed GitLab PAT to access source code and cloud credentials, stealing terabytes of corporate and customer data over months.
