UK MPs Get AI Fake IDs, Chaos Ransomware Loses Millions, and Dark Web Forums Eat Themselves.

11 August 2025
BREACHAWARE HQ

A total of 31 breach events were found and analysed, resulting in 14,232,366 exposed accounts containing a total of 46 different types of personal data. The breaches found publicly and freely available included ULP Alien TxT File - Episode 20, Conversion Media Group, BDV, ULP 0030 and College Search.

Categories of Personal Data Discovered

Contact, Sociodemographic, Digital Behaviour, Finance, National Identifiers, Unstructured, Commerce, Technology, Geolocation, Career, Communication Logs, Audio and Visual, Health and Environment, Legal, Membership, Academic.

Data Breach Impact

The scale and depth of this breach set stand out: not only were over fourteen million accounts exposed, but the data spans an unusually broad 46 different personal data types. That level of granularity means attackers could assemble remarkably detailed profiles on individuals, from basic identifiers to niche behavioural or demographic insights. The mix of breached sources, ranging from corporate databases (Conversion Media Group, BDV) to educational and informational services (College Search), shows how diverse the attack surface has become. The repeated appearance of ULP Alien TxT File entries highlights the persistence of unsecured, text-based data repositories that continue to leak valuable personal information into the public domain.

For the organisations involved, this isn’t just another cyber week; it’s a credibility test. Regulatory bodies will pay close attention to breaches affecting multiple sensitive data categories, and the fact that this information was found freely available makes it even harder to defend. For companies like Conversion Media Group and BDV, the reputational fallout could be significant, especially if customers feel their personal data was mishandled or unnecessarily retained. The presence of College Search data also hints at risks around young or first-time internet users, which can draw additional compliance and ethical scrutiny. If nothing else, this breach set is a clear reminder that safeguarding data isn’t only about locking down core systems; it’s about mapping and securing every repository, shadow system, and forgotten storage path before it becomes tomorrow’s headline.

Cyber Spotlight

The UK government’s shiny new Online Safety Act has already met its first big obstacle: the internet… which, as it turns out, couldn’t care less about your legislation, your feelings, or your earnest press conferences.

Someone with a wicked sense of humour has managed to completely clown the law’s age verification system. They built a website that uses AI to generate fake driving licences for every Member of Parliament. Just pop in your postcode, and, voilà! You get your local MP on a shiny ID card. The best part? You can use it to slip past those brand new age verification walls.

Originally, ministers swore blind they wouldn’t analyse the data collected from these checks. Fast-forward a few days, and suddenly they’re keeping it for six months to “comb through” later. That’ll be quite the surprise when their database is stuffed full of their own faces on fake licences. Good luck with that, lads.

Over in the US, the FBI has bagged 20 Bitcoin, about £1.7 million, or $2.3 million, from a wallet linked to a Chaos Ransomware member. Authorities believe this particular individual was involved in hitting and extorting multiple companies in Texas.

Chaos is relatively new on the ransomware scene, but the rumour is they’re just BlackSuit Ransomware in new clothes. This theory gained steam after the BlackSuit site was seized during Operation Checkmate, where law enforcement managed to take over their onion domains, including their negotiation and payment portals. A solid reminder that in cybercrime, “rebranding” isn’t the same as “escaping the cops.”

Meanwhile, one of the bigger dark web hacking forums had to do some damage control. In an announcement to users, admins admitted someone had tried exploiting an XSS vulnerability (basically a web code trick) and claimed they’d breached the platform and accessed user data. The admins insist nothing was actually exposed, but the attempt was enough to shake things up.

On top of that, the forum’s staff roster looks like it’s in witness protection: moderators and admins keep disappearing, either voluntarily or via arrest. The latest admin has also bought a site similar to Doxbin, but with a twist: it’s now themed around swatting. Because apparently the dark web is still finding new ways to make itself even less charming.

Vulnerability Chat

Cisco Talos researchers have unveiled a set of vulnerabilities in Broadcom chips used in Dell computer models. Nicknamed “ReVault,” these flaws could allow hackers to hijack devices, steal passwords, and access sensitive data. Dell has already rolled out security updates to address the issue.

A newly disclosed flaw in the 7-Zip file compression software affects all versions prior to 25.01 and stems from improper handling of symbolic links during extraction. While the attack requires specific conditions to succeed, the security advisory urges caution for anyone running outdated versions.

Trend Micro’s on-premises Apex One endpoint security platform is facing active exploitation, and at the moment, there’s no patch available. The company warns that remote attackers with access to the management console could exploit the vulnerabilities to upload malicious code and execute commands on affected machines.

Dr. Baptiste David and Tillmann Osswald from ERNW Research have identified a flaw in Windows Hello for Business that could make it vulnerable to bypass attacks. Suggested fixes include storing biometric data in the Trusted Platform Module (TPM) or carrying out a significant code rewrite.

Federal authorities have issued an alert for a vulnerability in on-premises Microsoft Exchange servers. The warning came shortly after a researcher presented the defect at Black Hat. According to Tom Gallagher, VP of engineering at Microsoft Security Response Center, exploitation requires an attacker to first gain administrative access to an on-premises Exchange server in a hybrid environment.

Organisations using CCTV products from Axis Communications may be at risk after Team82 researcher Noam Moshe discovered four critical vulnerabilities. While the manufacturer says it has not observed exploitation in the wild, it has issued advisories for all four flaws.

Finally, Google’s AI-powered vulnerability detector, Big Sleep, has uncovered 20 previously unknown security vulnerabilities in widely used open-source projects such as FFmpeg and ImageMagick. Developed by Google DeepMind and Google Project Zero, Big Sleep has been instrumental in identifying zero-day flaws since its launch last year. “It has exceeded our expectations and is accelerating AI-powered vulnerability research,” said Sandra Joyce, VP of Google Threat Intelligence, in a blog post.

Three Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity and Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including:
- D-Link DCS-2530L and DCS-2670L devices

See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 683 vulnerabilities during the last week, bringing the 2025 total to 28,320. For more information visit https://nvd.nist.gov/vuln/search/

View the latest critical vulnerabilities, exploited vulnerabilities and EU CSIRT coordinated vulnerabilities from the European Union Agency for Cybersecurity (ENISA) "Vulnerability Database" here: https://euvd.enisa.europa.eu/homepage

Information Privacy Headlines

A newly launched Instagram feature that displays users’ geolocation data has sparked a wave of backlash. While Meta insists the setting is optional and disabled by default, many users have voiced concerns over potential privacy risks. “Instagram turning on our exact location to thousands of people to see is actually terrifying,” wrote Valentina Voight, founder of lingerie brand Voight, on X.

In Canada, the Office of the Privacy Commissioner has opened an investigation into a cyberattack on WestJet. A “malicious actor” reportedly gained access to the airline’s systems, prompting regulators to focus on ensuring the company is effectively addressing the breach and safeguarding customer data.

In Australia, Optus faces renewed legal pressure as the Office of the Australian Information Commissioner (OAIC) sues the telco over the 2022 breach that exposed data belonging to around 9.5 million Australians. The OAIC alleges Optus failed to meet adequate cybersecurity and information security standards given its size, the amount of personal information it held, and its overall risk profile.
