Read also: police crackdown on cybercrime across Africa results in over 300 arrests, alleged Snowflake hacker consents to be extradited to the US, and more.

Views: 2.9k Read Time: 4 min.

Football Coach Charged For Hacking Student-Athlete Data

Football coach charged for hacking student-athlete data

Matthew Weiss, the former co-offensive coordinator and quarterbacks coach for the University of Michigan's football team, has been charged with hacking into thousands of accounts of athletes and alumni across over 100 colleges and universities. Weiss allegedly spent eight years accessing and downloading private data from the accounts, including intimate photos and videos, without consent. Federal investigators revealed that Weiss gained unauthorized access to a student-athlete database containing personal and medical information of more than 150,000 athletes, mainly women.

Weiss is accused of using various methods to infiltrate the accounts of over 2,000 athletes and more than 1,300 students and alumni. He then used this information to access their social media, email, and cloud storage accounts. In many cases, Weiss downloaded intimate, personal photos and videos that were intended to be shared only within private relationships.

Additionally, Weiss reportedly cracked encryption to obtain athletes' passwords, further accessing and manipulating their accounts. Even after initially gaining access to these accounts, Weiss continued to return to them months or even years later, searching for new private content.

The charges against Weiss include 24 counts in total: 14 counts of unauthorized access to computers and 10 counts of aggravated identity theft. If convicted on all counts, Weiss faces significant prison time, with each count of unauthorized access carrying a potential sentence of up to five years, while each count of aggravated identity theft could add two more years to his sentence.

Over 300 apprehended in an international police crackdown on cybercrime

Authorities across seven African countries have arrested 306 individuals and seized 1,842 devices in a major international operation aimed at dismantling cybercrime networks. The operation, known as Operation Red Card, took place between November 2024 and February 2025, targeting criminal syndicates involved in mobile banking fraud, investment scams, and fraudulent messaging apps. The criminal operations impacted over 5,000 victims across the region.

In Nigeria, 130 people were arrested, including 113 foreign nationals, involved in online casino fraud and investment scams. Some of the arrested individuals were victims of human trafficking coerced into participating in the crimes. In addition to the arrests, Nigerian authorities seized vehicles, houses, land, and numerous devices.

In South Africa, 40 people were arrested in connection with a SIM box fraud operation used to facilitate SMS phishing (smishing) attacks. Authorities seized over 1,000 SIM cards and dozens of devices.

In Zambia, 14 individuals were arrested for hacking, where they spread malware to steal banking information and exploit messaging apps. Lastly, in Rwanda, 45 individuals were arrested for social engineering scams that defrauded victims of over $305,000, with authorities recovering $103,043 and seizing 292 devices.

Suspected Snowflake hacker agrees to extradition from Canada to the US

Connor Riley Moucka, also known as Alexander Antonin Moucka, signed a consent order in Ontario Superior Court in Kitchener, agreeing to his transfer to US custody, where he faces multiple charges. Canadian authorities have not disclosed the timeline for his extradition.

Moucka was arrested in October following accusations from US authorities that he was involved in a major cyber-attack on data storage company Snowflake in 2024, which saw the accounts of approximately 165 companies compromised. Some of the companies affected by the intrusion included AT&T, Ticketmaster, Advance Auto Parts, Neiman Marcus, LendingTree, and several others.

Notably, the AT&T breach compromised logs from calls and texts from over 100 million customers, while the Ticketmaster breach affected around 560 million users. An investigation determined that the hackers exploited still-valid credentials from accounts dating back to 2020 to access a variety of company accounts.

Further investigation revealed that the hacker responsible for the Snowflake attack was believed to be based in North America, with possible collaboration from an accomplice in Turkey. The alleged co-conspirator, John Erin Binns, was arrested by Turkish authorities in May 2024 for his involvement in a previous cyber-attack on T-Mobile. In the US, Moucka faces a wide range of charges, including conspiracy to commit computer fraud, accessing a protected computer, transmitting a threat, wire fraud, and aggravated identity theft.

Authorities in multiple US states arrest Chinese scammers behind novel tap-to-pay fraud scheme

Authorities in at least two US states apprehended several Chinese nationals accused of orchestrating a new form of tap-to-pay fraud, leveraging mobile devices and stolen financial information.

In Knoxville, Tennessee, the Knox County Sheriff’s Office announced the arrest of 11 Chinese nationals, who are accused of using mobile wallets created through online phishing scams to purchase tens of thousands of dollars’ worth of gift cards at local retailers. The mobile wallets were used to conduct fraudulent transactions with stolen or compromised credit and debit card information.

The fraudsters used a custom Android app to relay tap-to-pay transactions from mobile devices located in China. The app allowed them to bypass the fraud prevention mechanisms to make unauthorized purchases using stolen payment data.

News media in Sacramento reported the arrests of two Chinese nationals who used a custom app to run stolen credit card transactions at a local Target store. While many of the transactions were declined, the suspects were still able to steal $1,400 worth of gift cards. After their arrests, both men reportedly admitted to being paid $250 per day to conduct the fraudulent transactions.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

A gang specializing in bank fraud arrested in Dubai

Dubai police have arrested a criminal gang that specialized in impersonating employees of the Consumer Rights Protection Department. The group used sophisticated techniques to trick individuals into handing over their sensitive banking information via the UAE PASS app.

The gang used sophisticated social engineering tactics to manipulate victims into disclosing confidential data, including their bank card details. The scam typically began with phone calls from individuals pretending to be officials from the Consumer Rights Protection Department. The callers would convince victims to either update their details on digital identity platforms or share vital banking information, such as their bank card numbers, CVV codes, and one-time passwords (OTPs).

In other news, a total of 73 individuals were apprehended in Spain for operating a criminal organization that targeted people who had visited fake dating websites. The group, which included recruiters, extractors, “mules,” and “voices,” extorted money from victims. The organization is believed to have collected over 2 million euros, primarily in cash.

In a coordinated operation, 22 simultaneous searches were carried out across Valencia, Alicante, and Barcelona, resulting in the seizure of around 250,000 euros, firearms, and machetes. Authorities also froze 129 bank accounts, three properties, and more than 20 vehicles.