"This took all of 20 minutes," Exempt, a member of the group that carried out the ploy, told WIRED. He claims that his group has been successful in extracting similar information from virtually every major US tech company, including Apple and Amazon, as well as more fringe platforms like video-sharing site Rumble, which is popular with far-right influencers. Exempt shared the information Charter Communications sent to the group with WIRED, and explained that the victim was a "gamer" from New York.
On January 23, 2025, the Bian Lian ransomware gang added the Medical Associates of Brevard ("MAB") to its dark web leak site. At the time, they listed the types of data they claimed to have acquired, but did not provide any screenshots or proof of claims. Months later, BianLian went offline. What happened to any data they may have exfiltrated is not currenlty known to DataBreaches, but on September 5, 2025, MAB notified HHS that 246,711 patients were affected by the incident.
Cloud storage is used by most businesses, with 78% of respondents to a 2024 PwC survey indicating they've adopted cloud across most of their organizations. But many firms are unknowingly opening themselves up to security and data protection risks: sensitive data is being held in 9% of publicly-accessible cloud storage, and 97% of this information is classified as restricted or confidential, according to Tenable's 2025 Cloud Security Risk Report.
Unique links are created when Grok users press a button to share a transcript of their conversation - but as well as sharing the chat with the intended recipient, the button also appears to have made the chats searchable online. A Google search on Thursday revealed it had indexed nearly 300,000 Grok conversations. It has led one expert to describe AI chatbots as a "privacy disaster in progress".
Hundreds of thousands of conversations that users had with Elon Musk's xAI chatbot Grok are easily accessible through Google Search, reports Forbes. Whenever a Grok user clicks the "share" button on a conversation with the chatbot, it creates a unique URL that the user can use to share the conversation via email, text or on social media. According to Forbes, those URLs are being indexed by search engines like Google, Bing, and DuckDuckGo, which in turn lets anyone look up those conversations on the web.
The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules.
