Officers of Spain’s National Police have arrested a person accused of leaking sensitive personal information belonging to members of several state organizations, including the National Cybersecurity Institute (INCIBE). Authorities said the leaked data came from the State Attorney General's Office, INCIBE, the National Police, the Civil Guard, and the National Security Council.

The investigation began after officials discovered the large-scale distribution of the data, which posed an immediate risk to both the people involved and the institutions themselves. Due to the seriousness of the case, police launched an urgent operation to identify and locate the suspect.

On May 27, officers arrested the individual and searched their home, seizing computers and other electronic devices that may contain forensic evidence. Police have not said whether the arrested person was also responsible for breaching the government systems from which the information was obtained.

Dutch authorities disrupt botnet linked to 17 million infected devices

Dutch authorities have dismantled a massive botnet involving at least 17 million infected devices and seized more than 200 servers used to operate the network.

The operation was conducted by the Dutch Police in cooperation with the National Cyber Security Centre (NCSC) following an investigation into malicious online activity. Officials said the servers were used to control millions of compromised computers, smartphones, and tablets worldwide.

Authorities seized over 200 servers hosted in the Netherlands, disrupting the botnet’s operations and cutting communication between operators and infected devices.

While officials have not publicly named the network, Dutch media reports have linked the operation to Asocks, a company that advertises global proxy services with access to millions of IP addresses across more than 150 locations.

Last month, US authorities accused a 23-year-old Canadian man of developing and operating the KimWolf botnet, which infected over one million internet-connected devices, including webcams and digital photo frames.

29 arrested in international crackdown on illegal streaming networks

International law enforcement agencies have dismantled major criminal networks involved in illegal sports, film and television streaming services during a seven-month operation coordinated by Bulgaria with support from Europol.

The operation, known as “Operation KRATOS 2,” ran from September 2025 to April 2026 and targeted organized crime groups making profits from the illegal distribution of the copyrighted content via IPTV and streaming platforms. Authorities arrested 29 people, identified 86 suspects and dismantled nine organized crime gangs operating across multiple jurisdictions.

Law enforcement carried out 148 house searches and referred 59 cases to judicial authorities; 72 criminal investigations remain ongoing. More than 27,000 illegal streaming URLs were removed, as well as hundreds of thousands of infringing digital objects linked to piracy activities.

Last month, Italian authorities took down a piracy network centered on the CINEMAGOAL app, which provided unauthorized access to premium streaming services such as Netflix, Disney+, Spotify, Sky, and DAZN. Authorities seized servers in France and Germany containing the app’s source code and stream-decoding functions.

The network relied on virtual machines in Italy to capture and redistribute access codes every three minutes, allowing users to stream content directly from official services while masking their IP addresses and avoiding piracy blocks.

The operation uncovered a reseller network of more than 70 individuals who sold subscriptions for €40–€130 per year, with payments made through cryptocurrency and foreign bank accounts registered under false names. Officials estimate the scheme generated millions of euros in illegal profits and caused approximately €300 million in lost subscription revenue to legitimate streaming providers.

Fraudster who sold personal data of 7M+ elderly Americans gets over 10 years in prison

A North Carolina man has been sentenced to more than 10 years in prison for running a massive scheme that provided personal information of millions of elderly Americans to Jamaican lottery scammers.

Troy Murray was sentenced to 121 months in prison, followed by three years of supervised release. He was also ordered to forfeit more than $5.2 million in proceeds from the scheme.

According to court records, Murray spent seven years collecting, organizing, and selling lists containing the names, phone numbers, addresses, and other personal details of elderly Americans to scammers in Jamaica. The criminals used the information to target victims in lottery fraud schemes, resulting in losses exceeding $9.5 million. Murray is said to have sold at least 22,000 databases containing information on more than seven million seniors. Prosecutors said he earned hundreds of thousands of dollars annually by charging scammers approximately $500 per list.

Murray initially accepted wire transfers but later switched to prepaid gift cards after financial services companies blocked his transactions. In January 2026, Murray pleaded guilty to conspiracy to commit wire fraud.

Demo anfordern

ImmuniWeb kann Ihnen helfen, Datenpannen zu verhindern und regulatorische Anforderungen zu erfüllen.

US operation disrupts major cyber fraud networks

The US Department of Justice (DoJ) has announced the results of a major operation aimed at stopping cyber and cryptocurrency fraud. The operation, called “Disruption Week,” began on May 18, 2026.

Authorities disrupted criminal activity across more than 1.4 million Facebook and Instagram accounts, pages, and groups, along with 20,000 Microsoft accounts and thousands of Starlink kits linked to scam networks in Southeast Asia. Law enforcement also shut down servers and online infrastructure used by scammers and identified several suspects and scam platforms for further investigation.

The operation is part of the Scam Center Strike Force, a US initiative focused on dismantling transnational fraud networks responsible for online scams, including so-called ‘pig butchering’ schemes. During the effort, private companies froze more than $3.8 million in cryptocurrency connected to stolen funds, including over $3 million frozen by Coinbase.

Authorities in Thailand arrested seven suspected scammers and opened new investigations through the Royal Thai Police Anti-Cyber Scam Center. So far, law enforcement agencies have arrested 63 individuals believed to be connected to scam centers.

In an unrelated action, Latvian and Ukrainian authorities dismantled a fraudulent call center in Kharkiv, Ukraine, operated by an organized crime group. The scammers targeted mainly elderly victims across Europe, falsely promising to recover previously lost funds and promoting fake investment opportunities, including cryptocurrencies. During a joint operation on May 26, 2026, four group leaders were arrested, five suspects were identified, and 14 searches were carried out.