A 35-year-old US man has pleaded guilty to computer fraud charges after hacking into his former employer’s network and triggering a nationwide outage that locked thousands of workers out of their computers.

According to court documents, Maxwell Schultz was terminated on May 14, 2021, from his role as a contract employee in the company’s IT department. Soon after being fired, Schultz accessed the company’s system by impersonating another contractor to obtain login credentials.

Once inside the network, Schultz ran a PowerShell script that reset roughly 2,500 passwords, effectively blocking employees and contractors across the country from logging into their computers. He also searched for methods to delete logs and cleared multiple system logs to conceal his activity.

The cyber-attack caused more than $862,000 in losses, including widespread employee downtime, disruptions to customer service and extensive labor costs associated with restoring the network. Sentencing is set for January 30, 2026. Schultz faces up to 10 years in federal prison and a maximum fine of $250,000.

In another case of revenge hacking, a Des Moines man was charged with computer fraud. Following his termination, Ezekiel Dean Potter illegally accessed his former employer’s network and reset usernames and passwords for the employer’s accounts, disrupting the company’s operations. Trial is scheduled for June 1, 2026. If convicted, Potter could face up to 10 years in federal prison.

A Russian national arrested in Kraków over alleged cyber-attacks on Polish companies

Polish authorities have arrested a 23-year-old Russian national accused of hacking the IT systems of several domestic companies. Officers from the Central Bureau for Combating Cybercrime (CBZC) apprehended the suspect during a mid-November operation. A Kraków district court has ordered the man into three months of pre-trial detention at the request of prosecutors, who say further arrests are possible as the investigation continues.

The suspect was reportedly living in Wrocław at the time of his detention. Investigators allege he infiltrated the database of a major e-commerce platform, gaining unauthorized access to nearly one million customer records, including personal information and transaction data.

Authorities say the man entered Poland illegally in 2022 but later obtained refugee status in 2023. Since then, CBZC officials believe he may have participated in or supported cyber-attacks not only against Polish networks but also against digital infrastructure in several other EU member states.

Investigators are now working to determine whether the stolen data was used, sold, or transferred outside Poland, including potential connections to organized cybercrime networks or state-backed cyberoperations.

Crypto launderer pleads guilty in nationwide cryptocurrency theft

Kunal Mehta, 45, of Irvine, California, pleaded guilty for his role in a multi-state conspiracy that used social engineering schemes to steal hundreds of millions of dollars in cryptocurrency from victims across the United States.

Known as “Papa,” “The Accountant,” and “Shrek,” Mehta participated in a racketeering conspiracy and helped launder at least $25 million in stolen funds. According to court filings, the criminal enterprise operated from before October 2023 through at least March 2025 and grew out of friendships forged on online gaming platforms.

Prosecutors described the group as a highly organized operation involving database hackers, organizers, target identifiers, callers, money launderers, and residential burglars specializing in stealing hardware cryptocurrency wallets. The enterprise used elaborate online schemes and spoofed phone numbers to deceive victims and steal their digital assets.

Mehta assisted with crypto-to-cash conversions and created multiple shell companies to launder funds through bank accounts designed to appear legitimate. He coordinated with associates who used sophisticated blockchain-based techniques to further conseal the origins of the stolen cryptocurrency. Mehta’s sentencing date has not yet been scheduled.

Greek police dismantle IPTV reselling operation; ACE and DAZN target major piracy site

Greek authorities have shut down an illegal IPTV reselling operation that provided unauthorized access to premium pay-TV services. A 48-year-old man was arrested during the raid, who police say was a reseller for a larger piracy network.

According to investigators, the suspect sold subscriptions for €50 for three months or €100 for six months, managing customer accounts through an online “panel” and offering both remote and in-person support. A search of his residence uncovered a modified IPTV device capable of illegally receiving subscription channels from at least two companies, along with a laptop, mobile phone, and €4,820 in cash.

In a separate action, the Alliance for Creativity and Entertainment (ACE) and sports streaming platform DAZN had taken down Photocall, a major Spain-based piracy service. The site offered unauthorized streams of 1,127 channels from 60 countries and amassed more than 26 million visits in the past year. Nearly one-third of its traffic originated in Spain, with substantial user bases in Mexico, Germany, Italy, and the United States.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

Staff, contractor indicted for alleged cyber-attack on Taiwan’s government-run broadcaster RTI

The Taipei District Prosecutors Office indicted two employees of Radio Taiwan International (RTI) and an outside contractor for allegedly launching a cyber-attack on the station’s official website in September.

According to the indictment, the three suspects, RTI engineer Wu Cheng-hsun, his manager Yueh Chao-chu and contractor employee Huang Fu-lin, conspired to compromise the broadcaster’s systems.

According to officials, Wu had defaced RTI’s website and disrupted its operations. As the nation’s only government-run international broadcaster, RTI is designated Level-A key infrastructure under Taiwan’s Regulations on Classification of Cyber Security Responsibility Levels. Hence, any disruption to RTI’s systems poses risks to national interests, public welfare and public morale, officials said.

Prosecutors said Wu provided Huang with a high-privileged admin account granting access to RTI’s website. Huang acted as a technical support and helped to remove all traces of illegal activities. The third suspect, Yueh, knew about Wu’s actions but didn’t intervene or report the incident to authorities, prosecutors said.