Police question Coupang CEO, Russia bakery cyberattack, Australian real estate scandal - Cybersecurity Headlines

Summary4 min read

Cybersecurity Headlines – February 2, 2026

Host: Steve Prentiss
Podcast: CISO Series
Theme: Daily global cybersecurity news and incidents impacting businesses, governments, and individuals.

Overview

This episode spotlights critical cybersecurity incidents including:

Coupang CEO’s police questioning in a high-profile data breach investigation
A cyberattack crippling logistics at a major Russian bread factory
Data exposure risks in Australian real estate app platforms
Microsoft’s announcement to retire NTLM authentication
Fallout from Trizeto and Google data theft cases
NSA candidate’s defense of controversial U.S. surveillance law

Key Discussion Points & Insights

1. Coupang CEO Questioned by Police Over Data Breach

[00:11] Seoul police reportedly questioned Coupang CEO Harold Rogers regarding possible obstruction in a mass data breach case.
- "Investigators are also still probing another former Coupang employee who they believe played a key role in the data breach."
  — Steve Prentiss [00:33]
The investigation focuses on whether Coupang destroyed or concealed evidence, as reported by the Korea Herald.
A former employee remains under scrutiny for possibly orchestrating the breach.

2. Cyberattack Disrupts Russian Bakery Logistics

[00:45] A ransomware-style attack hit the Vladimir bread factory, 120 miles east of Moscow.
- "The attack disabled the office computers, servers, electronic document management tools and the widely used 1C enterprise accounting system."
  — Steve Prentiss [00:53]
While bread production was unaffected, all distribution and logistics operations halted.
No group has claimed responsibility.

3. Australian Real Estate Apps Leak Sensitive Documents

[01:13] Researchers warn that apps frequently used by real estate agents in Australia are exposing sensitive documents via unprotected hyperlinks online.
- "The exposed data includes lease agreements, identification documents, pay slips and personal references."
  — Steve Prentiss [01:26]
Anonymous researcher confirmed this vulnerability to The Guardian; web crawlers can easily scan and cache such data.

4. Microsoft to Retire Legacy NTLM Authentication

[01:41] Microsoft will phase out the 30-year-old NTLM authentication protocol by default in future Windows releases.
- "NTLM is still used as a fallback authentication, although it uses weak cryptography and has been widely exploited."
  — Steve Prentiss [01:57]
This move is part of a broader push toward passwordless, phishing-resistant methods using Kerberos.

5. Windows 11 Boot Failures Tied to Previous Update Problems

[03:05] Microsoft has linked January’s Windows 11 boot failures to failed updates in December 2025.
- "The boot failures were first reported after having installed the January 2026 Patch Tuesday cumulative update resulting in a stop error of unmountable boot volume code."
  — Steve Prentiss [03:21]
No current fix, but Microsoft is working on a solution.

6. Ex-Google Engineer Convicted for Stealing AI Trade Secrets

[03:34] Former Google engineer Lin Wei Ding (Leon Ding) convicted on 14 counts concerning theft and economic espionage.
- "Convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for stealing more than 2,000 documents dealing with Google's AI technology research."
  — Steve Prentiss [03:49]
Faces a maximum of 10 years per theft charge and 15 years per espionage charge.

7. Trizeto Breach Exposes More Oregon Health Data

[04:19] Ongoing fallout from a November 2024 hack at TriZeto Provider Solutions, compromising hundreds of thousands of patient records.
- "TriZeto did not discover the presence of the thieves on the network for nearly a year."
  — Steve Prentiss [04:34]

8. NSA Candidate Defends Foreign Spying Law

[04:42] Army Lieutenant General Joshua Rudd publicly supports reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA).
- "FISA gives spy agencies broad authority to collect communications from US technology firms to hunt for national security threats living overseas, but also scoops up an unknown amount of Americans communications without a warrant."
  — Steve Prentiss [04:56]
Highlighted as a highly divisive issue with significant privacy implications.

Notable Quotes & Memorable Moments

On Coupang investigation:
"He [CEO Harold Rogers] is considered a suspect in their investigation into whether Coupang obstructed a government inquiry."
– Steve Prentiss [00:21]
On Russian bakery hack:
"Production of the bread products was not affected, however, delivery and logistics were."
– Steve Prentiss [01:00]
On real estate data risk:
"These links can be scanned by web crawlers and then cached."
– Steve Prentiss [01:32]
On NTLM retirement:
"Retirement of NTLM part of Microsoft’s push towards passwordless phishing resistant authentication methods."
– Steve Prentiss [02:09]
On FISA's controversy:
"This is a divisive issue within the highest levels of the US government."
– Steve Prentiss [05:14]

Timestamps for Major Segments

[00:11] Coupang data breach investigation
[00:45] Russian bread factory attack
[01:13] Australian real estate document exposure
[01:41] Microsoft’s NTLM deprecation
[03:05] Windows 11 update failures
[03:34] Google AI trade secret conviction
[04:19] TriZeto health data breach update
[04:42] NSA/FISA law defense

Tone & Style

The reporting is brisk, direct, and fact-focused, reflecting the urgency and ongoing nature of cybersecurity news. Steve Prentiss maintains a professional and informed tone, offering context on each story without sensationalism.

For more details and in-depth coverage, visit: cisoseries.com

Loading summary

Transcript3 lines

[00:00]
A
From the CISO series. It's Cybersecurity Headlines.
[00:07]
B
These are the cybersecurity headlines for Monday, February 2, 2026. I'm Steve Prentiss Coupang CEO questioned by police regarding data breach probe Harold Rogers was, quote, reportedly questioned on Friday by police in Seoul who are probing whether the e commerce site destroyed or hid evidence relating to a mass data breach that became public in November. He is considered a suspect in their investigation into whether Coupang obstructed a government inquiry, according to the Korea Herald. Investigators are also still probing another former Coupang employee who they believe played a key role in the data breach. Cyber attack on large Russian bread factory disrupts deliveries this attack occurred in Russia's Vladimir region, 120 miles east of Moscow and has disrupted food deliveries, according to local media. The Vladimir bread factory is one of the region's largest bakeries and the attack disabled the office computers, servers, electronic document management tools and the widely used 1C enterprise accounting system. Production of the bread products was not affected, however, delivery and logistics were no group has been identified or has taken responsibility. Real estate agents in Australia use apps that leave lease documents at risk, according to a researcher who spoke to the Guardian Australia under conditions of anonymity, the platforms used by real estate agents in that country to upload documentation regarding renters and landlords are leaving people's personal information exposed in hyperlinks accessible online. This was proven by follow up research performed by the Guardian. The exposed data includes lease agreements, identification documents, pay slips and personal references. The researcher also showed that these links can be scanned by web crawlers and then cached. Microsoft to disable NTLM by default in Future Windows releases. NTLM, short for New Technology LAN Manager, is a 30 year old challenge response authentication protocol that was introduced in 1993 with Windows NT 3.1 and followed on as successor to the LAN Manager protocol. It has now been superseded by Kerberos, which remains the default protocol for domain connected devices running Windows 2000 or later. NTLM is still used as a fallback authentication, although it uses weak cryptography and has been widely exploited in NTLM relay attacks and bypass the hash attacks. The retirement of NTLM Part of Microsoft's push towards passwordless phishing resistant authentication methods which will occur in phases throughout 2026. Huge thanks to our sponsor Strike 48. Strike 48 is the agentic log intelligence platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find the threats that your silo tools miss. Get started today with pre built AI agents and workflows that Investigate, Detect and Respond 24. 7 or build your own at strike48.com Security that's strike S T R I K E on the numbers 48.com Security Microsoft links Windows 11 boot failures to failed December 2025 update following up on a story we covered last Monday, the Windows 11 boot failures that had been reported following the January 2026 updates are now being attrib by Microsoft to quote previously failed attempts to install the December 2025 security update which left systems in an improper state. The boot failures were first reported after having installed the January 2026 Patch Tuesday cumulative update resulting in a stop error of unmountable boot volume code. Microsoft said it is still working on a fix Ex Google engineer convicted of stealing AI secrets Following up on a story we covered in March 2024, a former Google engineer who had been accused of stealing thousands of the company's confidential documents to build a startup in China has now been convicted in the U.S. according to a Department of justice announcement on Thursday, Lin Wei Ding, also known as Leon Ding, 38, was convicted by a federal jury on seven counts of economic espionage and seven count of theft of trade secrets for stealing more than 2,000 documents dealing with Google's AI technology research. Ding now faces a maximum sentence of 10 years in prison for each count of theft of trade secrets and 15 years in prison for each count of economic espionage. More Oregon residents find out health data was stolen in Trizeto breach the November 2024 hack on the insurance verification provider Trizeto Provider Solutions allowed Intruder to pour through protected health information and other sensitive personal information belonging to hundreds of thousands of patients and insurance policyholders. Traizetto did not discover the presence of the thieves on the network for nearly a year. NSA candidate Rudd defends foreign spying law Army Lieutenant General Joshua Rudd has spoken in favour of Section 702 of the Foreign Intelligence Surveillance act, or FISA, which is weeks away from expiring if no action is taken by Congress. FISA gives spy agencies broad authority to collect communications from US technology firms to hunt for national security threats living overseas, but also scoops up an unknown amount of Americans communications without a warrant. This is a divisive issue within the highest levels of the US government. Do you want to know more about the most pressing stories of the last few days in time for your weekly Stand up? Join us today at 4pm Eastern Time for the Department of no Where. Our guests Steve Zaluski, co host of Defense in Depth, and Nick Espinosa, host of the Deep Dive radio show will sort out the priority stories and do a deep dive on the ones that matter most. And of course, we will actively involve you in the conversation. Just go to YouTube and search for CISO series and look for the Department of no under upcoming live streams. And if you have some thoughts on the news from today or about this show in general, please be sure to reach out to us@feedbackisoseries.com we would love to hear from you. I'm Steve Prentiss reporting for the CISO series.
[07:17]
A
Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines. It.