---
title: "Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News [August 19, 2024] | DuoCircle"
description: "Public Data Breach, Ransomware Disables Security, Hacker Fakes Death -Cybersecurity News [August 19."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/"
---

Quick Answer

Cybersecurity news for the week of August 19, 2024\. National Public Data confirmed a breach exposing names, emails, phone numbers, and Social Security numbers, with threat actors offering 2.7 to 2.9 billion records on hacking forums. Sophos identified EDRKillShifter, a new tool used by RansomHub affiliates that loads vulnerable drivers (RentDrv2, ThreatFireMonitor) to disable EDR products. Authorities also reported a man sentenced for hacking a state registry to fake his own death, the arrest of suspects behind a $14 million Holograph crypto theft, and new charges against a member of the Karakurt extortion gang.

Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News \[August 19, 2024\]

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2024/08/Public-Data-Breach-Ransomware-Disables-Security-Hacker-Fakes-Death---Cybersecurity-News-August-19-2024.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcybersecurity-news-update-week-35-of-2024%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Public%20Data%20Breach%2C%20Ransomware%20Disables%20Security%2C%20Hacker%20Fakes%20Death%2C%20Cybersecurity%20News%20%5BAugust%2019%2C%202024%5D&url=undefined%2Fblog%2Fannouncements%2Fcybersecurity-news-update-week-35-of-2024%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcybersecurity-news-update-week-35-of-2024%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcybersecurity-news-update-week-35-of-2024%2F&title=Public%20Data%20Breach%2C%20Ransomware%20Disables%20Security%2C%20Hacker%20Fakes%20Death%2C%20Cybersecurity%20News%20%5BAugust%2019%2C%202024%5D "Share on Reddit") [ ](mailto:?subject=Public%20Data%20Breach%2C%20Ransomware%20Disables%20Security%2C%20Hacker%20Fakes%20Death%2C%20Cybersecurity%20News%20%5BAugust%2019%2C%202024%5D&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcybersecurity-news-update-week-35-of-2024%2F "Share via Email") 

![Ransomware Disables Security](https://media.mailhop.org/duocircle/images/2024/08/smtp-email-7954.jpg) 

We’re back with the latest [cybersecurity](/) scoop of the week where we’ll take a look at the data breach that occurred at **National Public Data**, the new malware that disables security software, how a man was sentenced for hacking into the stage registry to fake his death, the $14 million holograph [crypto hackers](https://www.bbc.com/news/technology-58331959)’ arrest, and the charges against Karakurt extortion gang’s member. Stay tuned for more!

## National Public Data Reports Breach Exposing Social Security Numbers

The National Public Data confirmed a [data breach](https://www.bleepingcomputer.com/news/security/fbcs-data-breach-impact-now-reaches-42-million-people/) this week where the threat actors leaked a stolen database of the background check service that had tons of personal information and social security numbers. 

The organization [shared a report](https://nationalpublicdata.com/Breach.html) of the security incident highlighting that the information leaked contains names, emails, phone numbers, and social security numbers. _They also shared that they are cooperating with law enforcement agencies and are investigating the incident_. All the impacted individuals will be notified if any significant developments come to light. Meanwhile, they did share that the data breach is most likely the work of a threat actor who was trying to hack into the **database back in December last year**. A threat actor using the moniker USDoD was offering the 2.9 billion records stolen from the organization for $3.5 million back in April. Another threat actor named Fenice **shared 2.7 billion records** on a [hacking forum](https://www.securitymagazine.com/articles/100833-nearly-10-billion-stolen-passwords-were-leaked-on-a-hacker-forum) as well.

[![ data breach ](https://media.mailhop.org/duocircle/images/2024/08/dkim-validation-4.jpg)](https://media.mailhop.org/duocircle/images/2024/08/dkim-validation-4.jpg)

Many analysts have confirmed that the data is indeed accurate and also contains details about the family members of the affected individuals. If your [data was leaked during the breach](https://www.foxnews.com/tech/2-7-billion-records-leaked-massive-us-data-breach), it’s best to stay alert against scams and phishing attempts via emails and phone numbers. 

## Ransomware Group Uses New Malware to Disable Security Software

The threat actors behind the [RansomHub ransomware](https://www.darkreading.com/cyberattacks-data-breaches/ransomhub-actors-exploit-zerologon-vuln-in-recent-ransomware-attacks) deployed a new malware that can turn off [EDR (Endpoint Detection and Response) software](https://www.ibm.com/topics/edr). 

The new malware was [discovered by](https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/) researchers at Sophos Security in May 2024 and was named EDRKillShifter. It deploys an authentic, vulnerable driver on the victim devices that allows the threat actors to escalate privileges and take control of the system. The tool might already be used by other [threat actors](/email-security/threat-actors-attack-thousands-of-computers-following-the-ion-incident/), and Sophos found two samples of the malware on GitHub, the first one exploits the **RentDrv2 driver**, and the other one exploits ThreatFireMonitor. The malware has the capability to deliver multiple driver payloads as needed for the attack and works in three steps. EDRKillShifter is launched in the binary, where it decrypts and executes a [password-protected](https://thehackernews.com/2024/07/new-chrome-feature-scans-password.html) BIN resource in the memory. After that, it executes the final payload on the victim devices. 

If you want to stay safe against this novel [malware](/resources/malware-and-its-defense-mechanism), you should enable tamper protection in your [endpoint security](https://www.fortinet.com/resources/cyberglossary/what-is-endpoint-security) products so the threat actors are unable to load any of these vulnerable drivers. It would also be best to keep all systems updated with the **latest software and patches**. 

## Man Sentenced for Hacking State Registry to Stage His Own Death

[![dark web forums](https://media.mailhop.org/duocircle/images/2024/08/spf-record-generator-4925.jpg)](https://media.mailhop.org/duocircle/images/2024/08/spf-record-generator-4925.jpg)

The U.S. Department of Justice issued a [press release](https://www.justice.gov/usao-edky/pr/pulaski-county-man-sentenced-cyber-intrusion-and-aggravated-identity-theft) this week, sharing details of Jesse Kipf, a 39-year-old man from Kentucky who used stolen credentials to breach the **Hawaii Death Registry System** and registered himself as deceased. 

_The man took the step to avoid paying child support obligations and has been sentenced to 81 months in federal prison_. Kipf did this back in January 2024, when he created the State of Hawaii Death Certificate Worksheet for himself and even added the **digital signature** of the doctor to it. Other than this, Kipf also accessed multiple corporate and government systems using the stolen credentials and also offered said credentials on [dark web forums](https://www.infosecurity-magazine.com/news/devs-dark-web-forums-paid/). The man was also found guilty of using a false [social security number](https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/) to apply for financial accounts. Till now, the damage caused by these actions is estimated to be close to $200,000\. 

Out of his sentence, he will have to **spend 69 months**, after which he will be placed under supervision for three years. 

## Hackers Tied to $14M Holograph Crypto Theft Arrested in Italy

Italy’s national police released an [announcement](https://www.commissariatodips.it/notizie/articolo/eseguiti-due-mandati-di-arresto-europeo-e-quattro-decreti-di-perquisizione-locale-e-personale-emess/index.html) that they’ve arrested the suspected hackers behind the $14 million Holograph crypto heist. 

Holograph is a [crypto exchange](https://www.forbes.com/advisor/in/investing/cryptocurrency/what-is-a-crypto-exchange/) and WEB 3.0 platform based out of the Cayman Islands. There was news of hackers exploiting a smart contract functionality on the exchange that allowed them to mint **1 billion HLG tokens**, which they withdrew at a valuation of $14 million, the value of the tokens decreased nearly 80% after a few hours of the incident. The organization confirmed at the time that the hack was done by a former operator and developer who had internal information. This week, [law enforcement agencies](https://en.wikipedia.org/wiki/Law%5Fenforcement%5Fin%5Fthe%5FUnited%5FStates) tracked down a group of people who were suspected of being hackers because of their lavish lifestyle. _Out of four in the group, two have been arrested and await extradition to France_. The police also seized crypto wallet keys, ledgers, codes, and multiple devices in the possession of the hackers that are being used as evidence for the case.

The cybercriminals spent much funds but the ones remaining will be returned to Holograph. Just after the news, the [HLG token price](https://cointelegraph.com/news/holograph-hacked-for-1-billion-hlg-tokens-worth-14-million) regained about 28% of its value and has gained 59.4% over the last few days. 

## U.S. Files Charges Against Karakurt Extortion Gang’s “Cold Case” Negotiator

The U.S. also filed charges against a member of the [Karakurt ransomware gang](https://therecord.media/us-charges-alleged-karakurt-ransomware-member) for laundering money and wire fraud. 

Deniss Zolotarjovs, a **33-year-old member** of the Russian Karakurt gang, was already being investigated by the FBI for compromising organizational systems, stealing data, and demanding ransoms from the victims. The man was living in Moscow but was originally a Latvian national. Law enforcement agencies arrested him in Georgia in December 2023, and he was recently extradited to the U.S. The [U.S. DoJ](https://en.wikipedia.org/wiki/United%5FStates%5FDepartment%5Fof%5FJustice) issued a [press release](https://www.justice.gov/usao-sdoh/pr/member-russian-cybercrime-group-charged-ohio) but did not establish any connection between Zolotarjovs and the Karakurt ransomware gang. _However, it was evident from the court documents that he was linked to multiple cases of extortion involving U.S. organizations and operated under the name “Sforza\_cesarini_.” His special role was for cold case extortions where the victims stopped communicating with the gang and did not succumb to the ransom demands. 

Zolotarjovs is the first gang member who has been arrested and is facing up to **20 years in prison**, along with fines.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 1m  April Spam Filtering Uptime Report  May 4, 2016 ](/blog/announcements/april-spam-filtering-uptime-report/)[  News 2m  Changes to Spam Filtering Technology  Feb 8, 2023 ](/blog/announcements/changes-to-spam-filtering-technology/)[  News 4m  Cyber Security News Update, Week 1 of 2020  Jan 3, 2020 ](/blog/announcements/cyber-security-news-update-week-1-of-2020/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News [August 19, 2024]","description":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death -Cybersecurity News [August 19.","url":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/","datePublished":"2024-08-28T19:33:48.000Z","dateModified":"2025-08-21T20:12:03.000Z","dateCreated":"2024-08-28T19:33:48.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/"},"articleSection":"announcements","keywords":"","wordCount":1061,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/08/smtp-email-7954.jpg","caption":"Ransomware Disables Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News [August 19, 2024]","item":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News [August 19, 2024]","item":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death, Cybersecurity News [August 19, 2024]","description":"Public Data Breach, Ransomware Disables Security, Hacker Fakes Death -Cybersecurity News [August 19.","url":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/","datePublished":"2024-08-28T19:33:48.000Z","dateModified":"2025-08-21T20:12:03.000Z","dateCreated":"2024-08-28T19:33:48.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-35-of-2024/"},"articleSection":"announcements","keywords":"","wordCount":1061,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/08/smtp-email-7954.jpg","caption":"Ransomware Disables Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```