Image by Aubrey Cottle, from Wikimedia Commons
Hacker Linked To Anonymous Charged In Texas Republican Party Breach
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
The United States Department of Justice filed charges against Canadian hacker Aubrey Cottle, also known as “Kirtaner”, for allegedly breaking into the Texas Republican Party website in 2021.
In a rush? Here are the quick facts:
- The investigators established Cottle’s identity through his social media activity combined with his Discord chat participation.
- The search of his residence revealed 20 terabytes of stolen data.
- The identity theft charges against Cottle could result in a maximum prison sentence of five years.
Federal authorities revealed last week that Cottle stands accused of defacing the party website along with stealing private information which he distributed through the internet. Cottle allegedly broke into the Texas GOP website through Epik security vulnerabilities while he was an ex-Anonymous member.
He accessed the web server backup data, which included private information, and later distributed the 180-gigabyte file through BitTorrent. The website displayed two messages which read “JET FUEL DOESN’T MELT STEEL” and “Trans demon hackers are coming to get you,” as reported by Cyber Scoop .
According to the complaint , the investigation identified Cottle through an IP address that retrieved the stolen data. Additionally, the complaint claims that a TikTok account, called “ Kirtaner ,” released videos where Cottle appeared bragging about the hacking incident.
FBI agents discovered proof in the Discord channel Cottle launched during his 2005 time on the platform. The document shows how he wrote “OH I GAVE THE CHILDREN THE SQLI EXPLOIT VULN GAB CODE ALREADY” followed by the statement “epik hosting’s f—ed,” as reported by Cyber Scoop.
A search of Cottle’s Ontario home uncovered 20 terabytes of information, which included his claims of obtaining “root access” to Epik’s network through emails. A message with the topic “oops I control the Texas GOP” was found among his emails, says Cyber Scoop.
A solid-state drive from his residence included a folder called “EpikFailYouLostTheGame” which contained personal data from the Texas GOP website, reports Cyber Scoop.
The hacker frequently admitted his involvement in past break-ins through public statements. During his 2022 conversation with CyberScoop , he explained that Canadian law enforcement agents took his home computers and storage devices as well as his Guy Fawkes mask during their raid. According to Cottle, Epik deserved the attack because it provided services to right-wing extremist websites.
According to The Record , a conviction would result in five years of prison time for Cottle due to identity theft and unauthorized access to a protected computer. The Texas Republican Party along with Epik maintain absolute silence about this legal matter.
Image by Open Grid Scheduler / Grid Engine, from Flickr
Data Leak At Samsung Germany Revealed Personal Information From 270,000 Customers
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
Samsung Germany suffered a massive data breach which exposed 270,000 customer support tickets to online access.
In a rush? Here are the quick facts:
- The exposed data contains names together with addresses and emails and orders and support interactions.
- The exposed data allows hackers to perform phishing attacks and execute fraud schemes and conduct account takeovers.
- Hudson Rock detected the stolen credentials multiple years before the actual breach occurred.
The hacker GHNA freely shared the stolen data which disclosed personal information along with order records and customer service dialogues, as first reported by Hudson Rock . The security breach did not stem from an advanced cyberattack since the hacker obtained stolen credentials from 2021 through Raccoon Infostealer malware.
These credentials belonged to an employee at Spectos GmbH, the company managing Samsung Germany’s ticketing system. According to Hudson Rock, credentials were never updated, and as a result the hacker was able to access the system years later and leak the data in 2025.
Hudson Rock says that they identified these compromised credentials multiple years ago, warning about potential misuse. Hudson Rock notes how Samsung had a chance to stop this data leak, but their failure to take action resulted in the damage.
As a result, thousands of customers face severe cybersecurity risks, while the damage remains irreparable, as reported by Hudson Rock. The leaked database contains full names, email addresses, home addresses order numbers, model details and payment method.
The risks from this breach reach further than just the disclosure of data. Hudson Rock says that the stolen information provides phishers with a way to deceive users by pretending to be Samsung representatives, and stealing account credentials.
Delivery interception becomes possible for attackers since they have access to tracking numbers within the leaked data. Hudson Rock says fraudsters may plan to use order information to submit fake warranty claims, along with false requests for replacements and refunds.
Furthermore, attackers who possess support agent emails can now use this information to pretend as Samsung customer service representatives and steal access to victims’ accounts.
The increasing threat from infostealer malware stands out as the main lesson from this security incident. The speed at which AI tools can process and weaponize leaks has become alarming which makes these incidents more dangerous.
Hudson Rock stressed that companies need to monitor stolen credentials beyond applying patches because this proactive measure prevents such data breaches from happening. There has been no official statement about the data leak from Samsung.
