I honest to fucking God don’t understand how cybersec is so fucking bad that there are so many damn data breaches that I lost count. I had a few accounts on chatgpt (that I dont use anymore) but they are all compromised now…
Just what the fuck is this shit? Are they done by lone actors or cybercrime gang? Or are they state actors or state-backed actors? Or are they inside jobs to allow the company to sell data illegally to make more money? Flock has admitted to using data from data breaches to their system.
You also notice how rarely you hear about cybercriminals getting caught? It’s almost like if you take even a minor bit of opsec you can get away with anything.
I guess that makes sense. I guess if those hackers were in North America we’d see some arrests?
And we do! Usually it’s American/British kids that get caught after going after high profile targets because they’re kids and they’re dumb. Some of the more well known groups (e.g. Scattered Spider, The Com) specifically recruit minors to do the hands on keyboard operations because they’re less likely to get time than adults. Most resourced hackers are not stupid enough to launch operations against Western organizations from countries with extradition agreements.
https://cybernews.com/cybercrime/scattered-spider-mgm-hackers-indictment/
https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/
https://www.bleepingcomputer.com/news/security/scattered-spider-hacker-gets-sentenced-to-10-years-in-prison/