Key developments
ShinyHunters-linked breaches surface at Carnival and Kemper
Carnival Corporation said a social-engineering attack let an unauthorized actor access a limited portion of its IT systems and copy personal information. The company began notifying 5,995,277 customers and said it first detected unauthorized activity on April 14, then determined on April 22 that data had been copied. HookPhish separately reported that Kemper Corporation confirmed a related ShinyHunters-linked Salesforce intrusion, with the group claiming tens of gigabytes of data, 269,000 unique email addresses, and partial payment card details.
Why it matters
It shows ShinyHunters' social-engineering playbook is still producing large-scale personal data exposures across multiple companies.
Sources & driving stories
BLEEPINGCOMPUTER · Sergiu Gatlan
BleepingComputer coverageHOOKPHISH
HookPhish coverageDutch police arrest Ajax hacking suspect
Dutch police arrested a 35-year-old man from Buren on May 26 on suspicion of repeatedly intruding into AFC Ajax's systems. Ajax had disclosed the incident on March 25 after vulnerabilities in its app and website exposed APIs and shared access keys; RTL reported the flaws could have exposed private data for more than 300,000 registered fans and affected more than 42,000 season tickets and 538 supporters with stadium bans. Police seized data carriers during the search.
Why it matters
The arrest marks a concrete law-enforcement step in a breach that potentially exposed large volumes of fan data.
Sources & driving stories
HELP NET SECURITY · Sinisa Markovic
Help Net Security coverageUnited Medical Systems reports healthcare data breach
United Medical Systems disclosed a breach affecting 485 people, including 30 Massachusetts residents and four Maine residents. The notice said Social Security numbers and driver's license numbers were exposed, and the company started notifying affected individuals on May 20. It offered Kroll identity monitoring and fraud support to those impacted.
Why it matters
Even a relatively small healthcare breach involved high-risk identifiers that can drive identity theft.
Sources & driving stories
CLAIM DEPOT
Claim Depot coverageWorth noting
WORTH NOTING
Texas probes Meta AI glasses
A May 20 Texas attorney general investigation signals growing scrutiny of camera-equipped wearables that could capture audio, video, and facial data from users and bystanders.
WORTH NOTING
33-year sentence in sextortion case
The sentence is a major enforcement outcome in a long-running online sextortion scheme that relied on coercion and stolen intimate material from children.
Still unclear
OPEN QUESTION
How many more ShinyHunters victims will disclose?
Carnival and Kemper suggest the same social-engineering campaign may still be driving downstream customer notifications and leak claims.
OPEN QUESTION
Will AI wearables face broader privacy rules?
Texas's probe of Meta smart glasses points to unresolved questions about always-on devices that can collect biometric and location-adjacent data.