Unidentified hackers breached a Norwegian dam's control system in April, opening its valve for hours due to a weak password.
In a concerning incident this April, unidentified hackers managed to breach the control systems of a Norwegian dam. Reportedly, hackers breached the control systems of a Norwegian dam, causing its water valve to open fully. The incident occurred at the Lake Risevatnet dam, situated near the city of Svelgen in Southwest Norway. The valve remained open for four hours before the unauthorized activity was detected.
According to the Norwegian energy news outlet, Energiteknikk, the hack did not pose a danger, as the water flow barely exceeded the dam’s minimum requirement. The valve released an additional 497 litres per second, but officials noted that the riverbed could handle a much larger volume, up to 20,000 litres per second.
The incident was discovered on April 7 by the dam’s owner, Breivika Eiendom. Norwegian authorities, including NSM (National Security Authority), NVE (Norwegian Water Resources and Energy Directorate), and Kripos (a special agency of the Norwegian Police Service), were alerted on April 10, and an investigation is now underway.
Officials suspect the breach occurred because the valve’s web-accessible control panel was protected by a weak password. Breivika technical manager Bjarte Steinhovden speculated this was the likely vulnerability. The initial point of entry allowed attackers to bypass authentication controls and gain direct access to the operational technology (OT) environment.
Hackers leak data of 88 million AT&T customers with decrypted SSNs; latest breach raises questions about links to earlier Snowflake-related attack.
Hackers have leaked what they claim is AT&T’s database which was reportedly stolen by the ShinyHunters group in April 2024 after they exploited major security flaws in the Snowflake cloud data platform. But is this really the Snowflake-linked data? We took a closer look.
As seen by the Hackread.com research team, the data was first posted on a well-known Russian cybercrime forum on May 15, 2025. It was re-uploaded on the same forum on June 3, 2025, after which it began circulating among other hackers and forums.
After analyzing the leaked data, we found it contains a detailed set of personal information. Each of these data points poses a serious privacy risk on its own, but together, they create full identity profiles that could be exploited for fraud or identity theft. The data includes:
Full names
Date of birth
Phone numbers
Email addresses
Physical addresses
44 Million Social Security Numbers (SSN) (43,989,219 in total)
Cybersecurity experts uncover the infamous Lummac Stealer malware, disguised as an OnlyFans "Checker" tool, targeting hackers.
Trello Data Breach: Trello, a project management tool developed by Atlassian, has experienced a data breach, exposing sensitive user information
The cybercrime and hacker forum Breach Forums has been seized by the Federal Bureau of Investigation (FBI) and the Department of Justice.
The IntelBroker hacker and their affiliates have leaked a trove of sensitive records, which they claim jeopardize the United States national security.
The data breach shows why organisations must enhance cybersecurity measures in the face of growing threats from skilled hackers like IntelBroker.
Fortunately for Radioactive Waste Management (RWM), the first-of-its-kind hacker attack on the project was unsuccessful.
Check Point’s Harmony Email team has reported a startling increase of 587% in QR code phishing or Quishing attacks.
PayPal has alerted over 35,000 customers of a data breach revealing that their accounts were hacked between December 6th and 8th, 2022.
NFT influencer @NFT_GOD downloaded malware through Google Ads while attempting to download OBS, an open-source video streaming software.
Anonymous has struck Russia again by leaking 1TB of data from a leading Russian law firm identified as Rustam Kurmaev and Partners (RKP Law).
The Pro-Russia Hacker Group Killnet recently targeted European institutions, while Anonymous hackers are already claiming to have leaked its data.
The Cyclops Blink botnet was controlled by the Russian Fed. Intelligence Directorate (GRU) and compromised thousands of devices worldwide.
It is unclear what type of “Cyber Security Incident” Ubisoft suffered but on Telegram LAPSUS$ hacking group responded to the news with smirking face emoji suggesting their alleged involvement.
