
Weekly Axis Of Easy #394
Last Week’s Quote: “We are always getting what we believe, but not always what we want,” was by Ernest Holmes. No one got it.
This Week’s Quote: “Good judgement comes from experience, which comes from bad judgement.” By ???
THE RULES: No searching up the answer, must be posted at the bottom of the blog post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
This is your easyDNS #AxisOfEasy Briefing for the week of March 31st, 2025. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
To listen to or watch this podcast edition with commentary and insight from Joey and Len the Lengend, click here.
In this issue:
- Famed Cryptographer Vanishes Amid FBI Raids and University Scrubbing
- Royal Mail Breach Exposes 144GB of Data via Suspected Vendor Compromise
- OpenSNP Shuts Down Amid Privacy Fears and Political Shifts
- Google Simplifies Gmail Encryption with Client-Side Update for Workspace Users
- Samsung Germany Breach Exposes 270,000 Records Due to Years-Old Credential Leak
Elsewhere Online:
Famed Cryptographer Vanishes Amid FBI Raids and University Scrubbing
Xiaofeng Wang, a tenured professor and associate dean at Indiana University’s Luddy School, renowned for $23 million in funded research and prolific publications on cryptography, data privacy, and genomic security, has vanished. His university email, phone, and profile were quietly deleted, as were those of his wife, Nianli Ma, a Lead Systems Analyst at IU Library Technologies. Concurrently, FBI agents in unmarked vehicles executed court-authorized raids at their Bloomington and Carmel, Indiana homes. At the Carmel property, agents used a megaphone to demand entry, seized a phone from a woman presumed to be Ma, questioned her in the driveway, repositioned a car to access the attic, took photos, and removed boxes over a four-hour operation. She returned later with a lawyer. Local TV station WTHR reported details; neighbors recorded video. IU refused to answer employment questions, redirecting to the FBI, which confirmed the raids but withheld case details. Federal court dockets show no filings. Wang and Ma remain unreachable; even a personal email to Wang went unanswered. Cryptographers Matthew Green and Matt Blaze voiced alarm at the erasure of a tenured figure, calling the events deeply irregular. Their students reportedly hadn’t heard from them in two weeks. Their citizenship status remains unknown.
Read: https://arstechnica.com/security/2025/03/computer-scientist-goes-silent-after-fbi-raid-and-purging-from-university-website/
Royal Mail Breach Exposes 144GB of Data via Suspected Vendor Compromise
On March 31, 2025, a hacker known as GHNA posted on Breach Forum claiming to have leaked 144GB of internal data from Royal Mail Group, the UK’s centuries-old postal service. The archive—293 folders, 16,549 files—includes customer PII (names, addresses, postal codes, shipping details), sender business data, internal Zoom meeting recordings, backend SQL databases, post office and delivery route info, and Mailchimp exports with campaign tags and consent metadata. Screenshots reference calls between Royal Mail and Spectos, a German data analytics firm, suggesting a third-party breach rather than a direct intrusion.
Royal Mail confirmed awareness of an incident “alleged to have affected Spectos,” a vendor, and stated it’s investigating. Spectos has not publicly commented. GHNA, active on Breach Forum since late 2024, has previously leaked or sold data tied to Samsung Electronics (Germany), Touchworld Technology LLC, Liberty Latin America, multiple American and European CRM and staking platforms, and crypto-adjacent firms including a casino. Some posts were marked “VERIFIED” or sold, implying operational access is monetized.
This is Royal Mail’s second major cybersecurity event in recent years—LockBit ransomware shut down international deliveries in early 2023. Now, the spotlight shifts to vendor security and Royal Mail’s data governance amid growing regulatory scrutiny.
Read: https://hackread.com/hacker-leaks-royal-mail-group-data-supplier-spectos/
OpenSNP Shuts Down Amid Privacy Fears and Political Shifts
OpenSNP, the open-source platform founded in 2011 by Bastian Greshake Tzovaras, Philipp Bayer, and Helge Rausch, will shut down and delete its entire dataset by the end of April. Built as a public repository for consumer genetic test data, including from 23andMe, the site amassed nearly 13,000 users and identified over 7,500 genomes, supporting research from infosec to biomedicine. It operated on just $100 a month and never received law enforcement requests for user data.
The decision to shutter stems from a revised risk-benefit analysis in what Greshake Tzovaras calls a radically changed environment. The bankruptcy of 23andMe—amid fears its sensitive genetic data may be auctioned to bidders unconcerned with privacy—triggered calls from California and New York attorneys general for users to delete their data. Greshake Tzovaras also cited the resurgence of authoritarian governments, referencing the U.S. under Trump’s second term, where he claims people are being disappeared during immigration raids and public data is vanishing from government websites.
While openSNP once appeared immune to law enforcement misuse—unlike GEDmatch, used in the Golden State Killer case—it now feels like a liability. Greshake Tzovaras called the project’s end the most responsible act of stewardship, and perhaps, his greatest achievement—a brief, $100-a-month lesson in democratized genomics.
Read: https://techcrunch.com/2025/04/01/genetic-sharing-site-opensnp-to-shut-down-citing-concerns-of-data-privacy-and-rise-in-authoritarian-governments/
Google Simplifies Gmail Encryption with Client-Side Update for Workspace Users
Google is rolling out client-side encryption (CSE) in Gmail for Google Workspace users, aiming to eliminate the need for complex Secure/Multipurpose Internet Mail Extensions (S/MIME) configurations and third-party tools like Mimecast, Proofpoint, or Virtru. Previously, Gmail’s end-to-end encryption (E2EE) required administrators to purchase, renew, and provision certificates for each user, a task Julien Duplant, Google Workspace product manager, described as a “real nightmare.” The new CSE feature allows users to encrypt emails, calendar entries, files, and meetings directly within Gmail. When enabled, senders can apply E2EE with a single click; recipients using Gmail see decrypted content automatically, while external users receive a link to access the message via a restricted guest Google Workspace account. Administrators can enforce guest mode for all recipients. Decryption occurs within Google’s infrastructure, where temporary user accounts are created to ensure messages never leave private storage.
Google’s move contrasts with Microsoft’s Exchange Online, which lacks a similar E2EE feature but offers strong data classification and data loss prevention (DLP) via Purview and Intune. Google recently added its own DLP for Gmail, enhancing detection and control of sensitive data. A beta version of Gmail’s new E2EE capability launches next week at Google Cloud Next in San Francisco, initially limited to intra-organizational emails, with broader support coming later this year.
Read: https://www.darkreading.com/data-privacy/google-end-to-end-encryption-gmail
Samsung Germany Breach Exposes 270,000 Records Due to Years-Old Credential Leak
Roughly 270,000 customer records from Samsung Germany’s ticketing system were leaked online by a threat actor known as “GHNA,” according to cybersecurity firm Hudson Rock. GHNA accessed Samsung’s system using login credentials tied to Spectos GmbH, a company responsible for monitoring and service quality. These credentials, originally stolen in 2021 after a Spectos employee’s computer was infected with the Raccoon infostealer, remained unchanged and dormant for four years before being exploited in 2025. The breach exposed personally identifiable information—names, physical and email addresses—alongside transaction details, order numbers, tracking URLs, and support communications between customers and Samsung.
The dataset’s richness enables attacks including targeted phishing, customer support impersonation, fake warranty claims, and even physical theft (e.g., porch piracy). Hudson Rock warns that with AI, attackers could algorithmically identify high-value targets and craft highly tailored phishing attempts, including simulated support calls. Samsung has not yet commented.
Read: https://www.securityweek.com/hacker-leaks-samsung-customer-data/
Elsewhere online:
TikTok Deal Possible Today Amid Amazon Bid and US Ownership Proposals
Read: https://www.zerohedge.com/technology/white-house-prepares-tiktok-proposal-meeting-wednesday-ahead-deadline
Kidflix Dark Web Platform with 1.8 Million Users Taken Down Globally
Read: https://hackread.com/dark-web-largest-child-abuse-network-kidflix-busted/
Possible Oracle Cloud Breach May Expose Passwords and Sensitive Data
Read: https://www.darkreading.com/application-security/oracle-cloud-users-urged-take-action
New Android Malware Exploits .NET MAUI Framework to Evade Detection
Read: https://latesthackingnews.com/2025/04/02/researchers-discover-malicious-android-apps-exploiting-net-maui/
FIN7 Leverages Compromised SharePoint for Anubis Backdoor Distribution
Read: https://thehackernews.com/2025/04/fin7-deploys-anubis-backdoor-to-hijack.html
If you missed the previous issues, they can be read online here:
- March 28th, 2025: Leaked Docs Tie USAID, GEC, NewsGuard, And Poynter To AI-Driven Speech Censorship Network
- March 21st, 2025: AI Jailbreak Exposes Critical Flaws: Researchers Use Chatbots To Generate Malware With No Coding Experience
- March 14th, 2025: PowerSchool Data Breach Exposes Millions Of Students But Hides Key Details
- March 7th, 2025: CTA Proposal Could Fine Airline Passengers For Publicly Discussing Complaint Resolution
- February 28th, 2025: What Did You Get Done Last Week?