Cybersecurity News that Matters

Daily Briefing: Crypto fraud, Global cybercrime crackdown, Healthcare data breach, Russian hackers

Illustration by Areum Hwang, The Readable

by Dain Oh

Feb. 04, 2025
9:08 PM GMT+9

Daily Briefing is a curated listicle made available by The Readable. The summaries of each article were created by ChatGPT 4o and edited by Dain Oh. Arthur Gregory Willers contributes to enhance the overall readability of the briefing.


1. Canadian man charged in $65 million crypto fraud and money laundering scheme – US Justice Department

Canadian citizen Andean Medjedovic has been charged with fraud for allegedly exploiting vulnerabilities in two cryptocurrency platforms, KyberSwap and Indexed Finance, to steal approximately $65 million from investors. Between 2021 and 2023, he used deceptive trading methods to manipulate the platforms’ automated systems, causing them to miscalculate prices and enabling him to withdraw funds at artificially low values, leaving investors with worthless assets.

Authorities also accuse Medjedovic of laundering the stolen money through complex digital transactions to conceal its origin and ownership. He allegedly used false identities to open accounts on cryptocurrency exchanges. After hacking KyberSwap in 2023, he further attempted to extort the victims by demanding full control of the platform in exchange for returning part of the stolen funds.

Medjedovic now faces multiple charges, including fraud, money laundering, and extortion. If convicted, he could receive up to 20 years in prison for each major offense. The case is being investigated by U.S. law enforcement agencies, with assistance from international authorities, including Dutch cybercrime investigators.

2. Global operation shuts down major cybercrime marketplaces, charges administrator – US Justice Department

U.S. and international law enforcement agencies have dismantled two major online cybercrime marketplaces, Cracked and Nulled, which were used to sell stolen login credentials, hacking tools, and personal data. With millions of users, these platforms facilitated large-scale cybercrime, including identity theft and financial fraud. The FBI, along with its global partners, seized their websites, servers, and payment processing systems to disrupt these illegal activities.

Authorities have also unsealed charges against Lucas Sohn, a 29-year-old Argentinian national living in Spain, who served as an administrator of Nulled. He is accused of facilitating transactions involving stolen personal information, including Social Security numbers of U.S. citizens. If convicted, he faces up to 15 years in prison for identity fraud and other offenses.

This multinational effort, involving agencies from the U.S., Australia, France, Germany, Spain, Italy, Greece, and Romania, aims to dismantle cybercrime networks and prevent the further exploitation of stolen data. Visitors to the seized websites are now greeted with law enforcement notices confirming the shutdown.

3. Over 1 million patient records stolen in major healthcare data breach – Forbes

A major data breach at Community Health Center, a Connecticut-based healthcare provider, has exposed the personal and medical records of over one million patients. Discovered on January 2, the breach allowed a skilled hacker to access sensitive data, including names, Social Security numbers, medical diagnoses, and health insurance details. Although the attack did not involve ransomware, the stolen data poses a significant risk for identity theft and fraud. The organization claims it stopped the hacker within hours and has since strengthened its security measures.

Cybersecurity experts warn that healthcare providers remain prime targets for cybercriminals due to the high value of medical data and the industry’s urgency. Unlike financial institutions with strong defenses, hospitals and clinics often lack robust cybersecurity, making them easier to breach. Attackers also know that healthcare organizations may be more likely to pay ransom quickly to avoid disrupting patient care. Experts predict that ransomware attacks on healthcare will increase in 2025 due to these vulnerabilities.

Meanwhile, another ransomware attack has disrupted operations at the New York Blood Center, affecting blood donations for 200 hospitals. These incidents underscore the urgent need for better cybersecurity measures in healthcare to protect both patient data and critical medical services.

4. Russia ‘hacked Starmer’s dangerously obvious email account’ – The Telegraph

Russian hackers are believed to have breached Sir Keir Starmer’s personal email account in 2022, when he was leader of the U.K. opposition. He is now the Prime Minister. Following concerns that the account had been compromised, U.K. security services advised him to abandon it, though there is no evidence that any emails were leaked or published. The account’s security was reportedly ‘dangerously obvious,’ prompting Starmer to switch to a more secure account with two-factor authentication after the breach was discovered. Senior Labour officials were briefed on the incident, and a note was circulated instructing staff not to email Starmer without prior explanation.

The suspected Russian hackers also targeted an informal adviser to John Healey, who was the U.K. shadow defense secretary at the time, using a fake Zoom invitation with malware to spy on Labour’s defense strategy. While the stolen emails contained information on Labour’s security stance, experts assessed the intelligence value as limited. This hack was part of a broader pattern: Liz Truss, the U.K. Prime Minister in 2022 and former Foreign Secretary, was also suspected of having her phone hacked by Russia that same year while leading U.K. foreign policy. Additionally, Sir Richard Dearlove, former head of MI6 (the U.K.’s foreign intelligence service), had his emails leaked in 2022.

These incidents highlight ongoing cybersecurity threats from Russia against high-profile U.K. political figures. The breaches occurred shortly after Russia’s invasion of Ukraine, suggesting they were part of broader cyber-espionage efforts targeting Western officials.
