Trump Mobile Data Leak Exposes Customer Addresses, Emails
Trump Mobile is reportedly leaking customers' email and home addresses, with two YouTubers claiming to have verified the authenticity of the exposed data. The company has not responded to alerts about the breach.
Trump Mobile, a mobile virtual network operator (MVNO) associated with former President Donald Trump, is facing allegations of a data leak that exposes customers' personal information. Two YouTubers have reported that the company is leaking email and home addresses, and that Trump Mobile has not responded to individuals who alerted the company about the exposure. The YouTubers stated they verified that their own leaked data was authentic, raising concerns about the security of customer information.
The alleged leak involves sensitive personal details, including email addresses and physical home addresses, which could be used for identity theft or targeted harassment. The YouTubers, who have not been named in the reports, claimed they discovered the data exposure and attempted to notify Trump Mobile but received no response. The company's silence has intensified scrutiny over its data protection practices.
Trump Mobile operates as an MVNO, meaning it resells wireless services from major carriers under its own brand. The company markets itself to supporters of Donald Trump, offering plans that emphasize conservative values. The alleged data breach could undermine trust among its customer base, which includes politically engaged individuals who may be particularly concerned about privacy.
The YouTubers did not specify how they discovered the leak or the extent of the data exposure. However, they asserted that the leaked information matched their own personal details, confirming the breach's validity. Without a response from Trump Mobile, it remains unclear how many customers may be affected or what steps the company is taking to address the issue.
Data breaches involving MVNOs are not uncommon, as these companies often rely on third-party infrastructure and may have less robust security measures than major carriers. The exposure of email and home addresses can lead to phishing attacks, doxxing, or other forms of cyber exploitation. Customers of Trump Mobile are advised to monitor their accounts and be cautious of unsolicited communications.
As of now, Trump Mobile has not issued a public statement regarding the alleged leak. The company's website and social media channels have not addressed the reports. The YouTubers have called on the company to acknowledge the breach and take corrective action to protect customer data.
The Federal Trade Commission (FTC) and other regulatory bodies have not commented on the incident. If the leak is confirmed, Trump Mobile could face legal consequences under data protection laws, including potential fines for failing to safeguard consumer information. The company's lack of response may also lead to reputational damage and customer attrition.
Customers who believe their data may have been exposed are encouraged to change passwords, enable two-factor authentication, and report any suspicious activity to authorities. The YouTubers have urged Trump Mobile to notify affected individuals and implement stronger security measures to prevent future breaches.
Trump Mobile accused of leaking customer addresses and phone numbers
Trump Mobile has been accused of insecurely storing customer data, exposing addresses and phone numbers. The alleged leak also revealed that T1 Phone pre-orders are far fewer than viral figures claimed.
Trump Mobile faces allegations of insecure data storage, with customer addresses and phone numbers potentially exposed. The T1 Phone, which was scheduled to start shipping last week, is at the center of the controversy. YouTuber voidzilla first reported the apparent leak after being tipped off by an anonymous individual who discovered a vulnerability in the Trump Mobile website. The hacker claims they were able to place fake orders and scrape the entire pre-order database, accessing emails, phone numbers, and mailing addresses. The alleged leak also revealed the number of T1 Phone orders placed, which is significantly lower than viral figures have suggested. Trump Mobile has not yet commented on the allegations. The company had been promoting the T1 Phone as a secure device, making the reported data exposure particularly concerning for customers. The full story is available at The Verge.
GitHub Confirms Hackers Stole Data from Internal Repositories
GitHub reported that attackers accessed and exfiltrated data from thousands of its internal repositories. The company stated it found no evidence that customer data was compromised.
GitHub disclosed on Tuesday that it had identified a security incident involving unauthorized access to its internal systems. The code hosting platform said attackers managed to steal data from thousands of its private repositories. The breach was discovered during a routine security review, prompting an immediate investigation.
The company emphasized that the stolen data originated from internal repositories used for development and operations. GitHub clarified that no customer repositories or personal information were accessed in the incident. The attackers exploited a vulnerability in a third-party service integrated with GitHub's infrastructure.
GitHub's security team has since patched the vulnerability and is working with law enforcement. The company is also notifying affected users and implementing additional security measures. The incident underscores ongoing risks in software supply chain security, where attackers target development tools and internal systems.
GitHub has not disclosed the exact number of repositories affected, but described the breach as limited in scope. The company stated that the attackers did not gain access to production systems or customer data. GitHub advised users to review their own security practices and enable two-factor authentication.
This incident follows a trend of cyberattacks targeting code repositories and development platforms. In recent years, similar breaches have affected other tech companies, highlighting the value of source code and internal documentation to malicious actors. GitHub's response includes enhanced monitoring and stricter access controls.
GitHub has not provided a timeline for when the breach occurred or when it was fully contained. The company said it will release more details as its investigation progresses. Users are encouraged to report any suspicious activity related to their GitHub accounts.
GitHub reiterated its commitment to security and transparency, stating that it will continue to update the community. The company operates one of the largest code hosting platforms, serving millions of developers worldwide. This incident serves as a reminder of the persistent threats facing the software development ecosystem.
Ocean Raises $28M for AI Email Security Platform to Combat Phishing
Ocean, an agentic email security platform, raised $28 million to fight AI-powered phishing. Its AI analyzes email context to detect fraud and impersonation.
Ocean, an email security startup, announced it has raised $28 million in funding. The company's platform uses artificial intelligence to analyze the context of incoming emails, aiming to detect sophisticated phishing and impersonation attempts. The funding round was led by a prominent venture capital firm, with participation from existing investors.
The platform employs what Ocean calls "agentic" AI, which goes beyond traditional email filtering. Instead of relying solely on known threat signatures or simple rule-based detection, Ocean's system examines the full context of each message, including sender behavior, language patterns, and relationship dynamics. This approach is designed to catch advanced social engineering attacks that often bypass conventional security measures.
Ocean's technology was developed by a founder with a background in cybersecurity research, including work on systems similar to Israel's Iron Dome missile defense. The founder's experience in high-stakes threat detection informed the design of Ocean's AI, which aims to adapt to evolving attack techniques in real time.
The company reports that its platform can identify subtle indicators of fraud, such as unusual requests for sensitive information or slight deviations in communication style. Ocean claims its AI reduces false positives compared to traditional email security tools, allowing legitimate emails to reach users without interruption.
Ocean plans to use the new funding to expand its engineering team and accelerate product development. The company also intends to scale its sales and marketing efforts to reach more enterprise customers. Ocean's platform integrates with major email providers like Microsoft 365 and Google Workspace.
The $28 million funding round brings Ocean's total raised to date to $35 million. The company did not disclose its valuation. Ocean's customers include several Fortune 500 companies, though the startup declined to name them.
Ocean's platform is available now for businesses of all sizes. Pricing is based on the number of users and starts at $5 per user per month. The company offers a free trial for prospective customers.
"Our mission is to make email safe for everyone," said Ocean's founder and CEO in a statement. "With this funding, we can accelerate our work to stop AI-powered phishing attacks before they cause harm."
Discord Rolls Out End-to-End Encryption for All Voice and Video Calls
Discord has enabled end-to-end encryption for all voice and video calls, ensuring that no one, including Discord, can access the content. The feature is now available to all users across platforms.
Discord announced on Tuesday that it has implemented end-to-end encryption for all voice and video calls on its platform. The move affects the company's hundreds of millions of users worldwide, providing a significant privacy upgrade. The encryption ensures that call content remains scrambled and inaccessible to Discord or any third parties.
The feature is now live across all platforms, including desktop, web, and mobile apps. Users do not need to take any action to enable it, as the encryption is applied automatically to every voice and video call. Discord confirmed that the encryption covers both one-on-one and group calls.
Discord's encryption protocol is based on the Signal Protocol, a widely respected standard used by messaging apps like Signal and WhatsApp. The company stated that the encryption keys are generated and stored locally on users' devices, preventing Discord from accessing them. This means that even if Discord were compelled to hand over call data, it would be unable to decrypt it.
The rollout follows years of development and testing. Discord first introduced end-to-end encryption for voice calls in a limited beta in 2022, but the feature was not widely available. The company has now expanded it to all users after refining the implementation and ensuring performance stability.
Privacy advocates have long called for Discord to adopt end-to-end encryption, given the platform's popularity among gamers and communities that discuss sensitive topics. The company's previous stance was that encryption could hinder its ability to moderate harmful content, such as child abuse material. However, Discord has since developed alternative moderation tools that do not rely on accessing call content.
Discord emphasized that the encryption does not affect its ability to moderate text-based content, which remains subject to scanning for policy violations. The company uses machine learning and user reports to detect abusive behavior in text channels and direct messages. Voice and video calls, however, are now fully protected.
The update is available immediately for all users on Discord's latest app versions. Users on older versions may need to update their apps to benefit from the encryption. Discord recommends keeping apps up to date to ensure the best security and performance.
Discord's announcement comes amid a broader industry push toward stronger encryption. Competitors like Telegram and WhatsApp have offered end-to-end encryption for calls for years. With this move, Discord closes a major gap in its security offerings, potentially attracting privacy-conscious users.
"We believe that privacy is a fundamental right, and we are committed to protecting our users' conversations," a Discord spokesperson said in a statement. "End-to-end encryption for voice and video calls is a critical step in that commitment."