China’s largest data leak exposes billions. - CyberWire Daily

Summary7 min read

CyberWire Daily: China’s Largest Data Leak Exposes Billions Release Date: June 5, 2025

Introduction

On the June 5, 2025, episode of CyberWire Daily, host Dave Bittner delved into a series of critical cybersecurity incidents impacting global organizations. The episode, titled "China’s Largest Data Leak Exposes Billions," provided in-depth analysis and expert insights on significant breaches, ransomware activities, and emerging threats. The discussion included an exclusive interview with Anika Gupta, Chief Product Officer at Rubrik, who explored the complexities of managing security across diverse systems.

China’s Unprecedented Data Leak

The episode opened with alarming news about what might be China's largest data leak ever. Over 4 billion personal records, totaling 631 gigabytes, were exposed from an unsecured database. This massive breach included sensitive financial data, WeChat and Alipay information, ID numbers, and addresses, potentially affecting hundreds of millions of users.

Discovery and Impact: CyberNews and researcher Bob Dychenko uncovered 16 data collections containing extensive databases with hundreds of millions of records each. The meticulous compilation suggests the data might be intended for surveillance or profiling purposes. The database was swiftly taken offline, leaving no clear attribution or immediate recourse for affected individuals.
Expert Warnings: Experts caution that the leaked data could be exploited for phishing fraud, blackmail, or even state-level espionage. This breach significantly surpasses previous Chinese data compromises, highlighting severe privacy vulnerabilities.

Notable Quote:

“The data appears to be meticulously compiled, likely for surveillance or profiling purposes,” noted Bob Dychenko (01:30).

CrowdStrike Collaborates with Federal Authorities

CrowdStrike is currently cooperating with federal authorities following a major software bug that occurred in July 2024, which led to a significant outage affecting millions of computers.

Incident Details: The flaw in the Falcon software resulted in a July 19 outage that disrupted flights, backend systems, and user devices.
Regulatory Scrutiny: In a recent SEC filing, CrowdStrike disclosed that the Justice Department and SEC are investigating not only the incident but also the company's revenue recognition practices and reporting of annual recurring revenue. Additionally, other agencies and third parties have requested information, with some customers threatening legal action.
Financial Impact: CrowdStrike reported a fiscal quarter one loss and a weaker outlook due to ongoing costs from the incident. Despite a 35% stock increase over the last year, shares dropped 5.3% following the disclosure.

Sensitive Insurance Documents Exposed

Last month, researcher JLT discovered a misconfigured cloud server exposing over 571,000 sensitive insurance documents belonging to Triangle Insurance in the U.S. The records, spanning from 2006 to April 2025, included health claim forms, declaration pages, and decision letters.

Response Efforts: An initial email alert sent on May 8 went unanswered, likely due to spam filters. JLT, with the assistance of ogowasright@data breaches.net, successfully contacted Triangle Insurance on May 12, and the exposure was secured by May 13.
Company Actions: Triangle's COO confirmed the fix and expressed gratitude to the researcher. The company is now investigating the issue with its software vendor, has notified its regulator, and may inform affected individuals based on their findings. The server had been exposed since at least July 2021.

Notable Quote:

“The server was exposed since at least July 2021,” stated Triangle Insurance's representative (06:45).

Microsoft’s Free Cybersecurity Programs for Europe

In response to the escalating threat of AI-powered cyberattacks, Microsoft has launched a free cybersecurity program for European governments aimed at bolstering defenses against state-backed actors from countries such as Russia, China, Iran, and North Korea.

Program Focus: The initiative emphasizes improving intelligence sharing and preventing cyberattacks. Microsoft President Brad Smith highlighted the defensive use of AI, noting, “AI tools can still detect AI-driven threats” (09:30).
Recent Threats Addressed: The program addresses notable attacks, including deepfakes targeting Ukraine's president and interference in Slovakia's 2023 election.

FBI on Play Ransomware Gang

The FBI has issued an advisory regarding the Play ransomware gang, which has targeted over 900 organizations since its emergence in 2022, making it one of the most dangerous active cybercrime groups.

Attack Methods: Play often exploits vulnerabilities in the Simple Help remote monitoring tool and customizes its ransomware for each attack to evade detection. Their tactics include using email or phone threats to coerce victims into paying ransoms.
High-Profile Victims: Notable targets include cities like Oakland and Dallas County, as well as the Swiss government.
Possible State Ties: The FBI noted potential connections between Play and North Korean hackers, suggesting possible collaboration in some breaches.

Notable Quote:

“Play remains highly active, especially against U.S.-based organizations,” reported the FBI (12:15).

Google Alerts on UNC6040 Threat Group

Google has issued a warning about the threat group UNC6040, which is targeting Salesforce customers through a widespread voice phishing and data extortion campaign.

Attack Strategy: UNC6040 impersonates IT support staff in phone calls to trick employees into approving access for a modified Salesforce data loader app. This unauthorized tool allows attackers to exfiltrate sensitive data for extortion purposes.
Affected Organizations: Approximately 20 organizations across sectors like education, retail, and hospitality in the Americas and Europe have been impacted.
Operational Tactics: The group leverages social engineering without exploiting Salesforce vulnerabilities. Once access is gained, they move laterally to platforms like Microsoft 365 and Okta.
Attribution: UNC6040 claims ties to Shiny Hunters and exhibits overlaps with tactics used by the COM Collective, including Scattered Spider.

Notable Quote:

“This is part of a rising trend of attackers targeting IT support roles for initial access,” explained a Google spokesperson (14:50).

Insights from Anika Gupta, Chief Product Officer at Rubrik

In an exclusive interview, Anika Gupta discussed the challenges of managing security across diverse systems in modern organizations.

Complex Infrastructure: Gupta highlighted the shift from traditional data centers to cloud and SaaS applications, resulting in over 100 SaaS applications per organization, multiple public clouds, and sometimes on-premises data centers. This fragmentation makes visibility and control over applications and data a daunting task.

Notable Quote:

“An average organization uses over 100 SaaS applications. Understanding where your data lives becomes an overwhelming challenge,” stated Anika Gupta (12:50).
Cyber Risk Management: The abundance of data and applications increases the risk of cyberattacks. Gupta emphasized the difficulty in identifying sensitive data and critical applications, which hampers an organization’s ability to protect valuable assets.

Notable Quote:

“Organizations are spending more and yet getting breached more often,” Gupta explained (14:20).
Proactive Visibility: Gupta advocated for a proactive approach to visibility, suggesting that organizations prioritize understanding where sensitive data resides and which applications are critical. This foundation allows for better protection of "crown jewels" and reduces the noise from less important alerts.
Implementation Strategy: She advised organizations to approach visibility incrementally, starting with key applications and data types, and expanding coverage over time. Selecting technologies that offer centralized management across on-premises, cloud, and SaaS environments is crucial.

Notable Quote:

“Leaders have to figure out how to articulate the risk and mitigate those risks by gaining visibility,” Gupta advised (19:05).

FDA’s ELSA AI Tool Faces Scrutiny

The episode also touched upon the FDA's introduction of ELSA, a generative AI tool intended to enhance operational efficiency. However, internal feedback suggests ELSA may not yet be ready for critical tasks.

Intended Benefits: ELSA aims to assist scientific reviewers and inspectors in analyzing data and identifying health risks swiftly.
Challenges: Insiders report that ELSA has produced inaccuracies and partial truths, leading staff to describe it as "rushed, buggy, and more hype than help."
FDA’s Stance: Despite the issues, the FDA maintains that ELSA is secure and holds promise, advising caution in its application to clinical decisions for the time being.

Redline Infostealer Malware Reward

The U.S. State Department is offering up to $10 million for information on hackers using the Redline infostealer malware or on its suspected creator, Maxim Alexandrovich Rudomatov.

Background: Rudomatov, charged in October, is accused of managing Redline's infrastructure and laundering payments via cryptocurrency. The reward is part of the Rewards for Justice program targeting individuals involved in cyberattacks against U.S. critical infrastructure.
Operation Magnus: A recent joint international effort involving Dutch authorities and Eurojust successfully disrupted Redline and Meta malware platforms, resulting in server seizures and arrests. Eset assisted by mapping 1,200 related servers and releasing a tool for detecting infections.

Conclusion

The June 5, 2025, episode of CyberWire Daily underscored the pervasive and evolving nature of cybersecurity threats. From unprecedented data leaks and sophisticated ransomware gangs to proactive measures by tech giants and government agencies, the landscape demands continuous vigilance and adaptive strategies. The insights provided by Anika Gupta highlighted the essential need for enhanced visibility and proactive risk management in an increasingly complex digital ecosystem.

For a comprehensive understanding of today’s cybersecurity landscape, tuning into CyberWire Daily provides invaluable knowledge and expert analysis essential for industry leaders and professionals.

For more detailed insights and updates, visit CyberWire Daily.

Loading summary

Transcript14 lines

[00:02]
Anika Gupta
You're listening to the Cyberwire network, powered by N2K.
[00:12]
Dave Bittner
And now a word from our sponsor. Spy Cloud Identity is the new battleground and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. Spy Cloud's holistic identity threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware and phishing to neutralize identity based threats like account takeover, fraud and ransomware. Don't let invisible threats compromise your business. Get your free corporate Darknet exposure report@spycloud.com cyberwire and see what attackers already know. That's spycloud.com cyberwire Researchers discover what may be China's largest ever data leak CrowdStrike cooperates with federal authorities following last year's major software bug. A researcher discovers over half a million sensitive insurance documents exposed online. Microsoft offers free cybersecurity programs to European governments. The FBI chronicles the play Ransomware gang Google warns a threat group is targeting Salesforce customers. A former Biden cybersecurity official warns that US Critical infrastructure remains highly vulnerable to cyber attacks. The State Department offers up to $10 million for information on the Redline Info Stealer malware. Our guest is Anika Gupta, Chief product Officer of Rubrik on the challenges of managing security across systems and some FDA workers want to put their new Elsa AI on Ice. It's Thursday, June 5th, 2025. I'm Dave Bittner and this is your Cyberwire Intel Brief. Thanks for joining us here today. Great as always to have you with us. In what may be China's largest data leak ever, over 4 billion personal records totaling 631 gigabytes were exposed from an unsecured database. The leak includes sensitive financial data, WeChat and Alipay information, ID numbers, addresses and more, potentially affecting hundreds of millions of users. CyberNews and researcher Bob Dychenko discovered 16 data collections containing massive databases with hundreds of millions of records each. The data appears to be meticulously compiled, likely for surveillance or profiling purposes. The database was quickly taken offline, leaving no clear attribution or recourse for victims. Experts warn the data could fuel phishing fraud, blackmail or state level espionage. This leak dwarfs previous Chinese breaches and underscores the severe privacy risks at play. CrowdStrike is cooperating with federal authorities following the major software bug last July that knocked millions of computers offline. In a recent SEC filing, the company revealed that the Justice Department and SEC are investigating the incident as well as CrowdStrike's revenue recognition practices and reporting of annual recurring revenue. Other agencies and third parties have also requested information, with some customers threatening legal action. The July 19 outage, triggered by a flaw in the Falcon software, disrupted flights, backend systems and user devices. CrowdStrike disclosed the update alongside its fiscal quarter one report showing a swing to a loss and a weaker outlook due to ongoing costs from the incident. Shares dropped 5.3% following the news, though the stock remains up 35% over the last year. Last month, researcher JLT discovered a misconfigured cloud server exposing over 571,000 sensitive insurance documents belonging to Triangle Insurance in the U.S. the records, dating from 2006 to April 2025, included health claim forms, declaration pages and decision letters. Despite an initial email alert sent on May 8, Triangle didn't respond, likely due to spam filters. The researcher then enlisted the help from ogowasright@data breaches.net who successfully contacted the company on May 12. The exposure was secured by the following day. Triangle's COO later confirmed the fix and thanked the researcher. The company is now investigating the issue with its software vendor, has notified its regulator and may inform affected individuals, depending on findings. The server had been exposed since at least July 2021 Microsoft has launched a free cybersecurity program for European governments to strengthen defenses against AI powered cyber threats, many linked to state backed actors from Russia, China, Iran and North Korea. The initiative focuses on improving intelligence sharing and preventing attacks. Microsoft President Brad Smith emphasized using AI defensively, noting tools can still detect AI driven threats. Microsoft also monitors the use of its AI to block cybercriminals. Notable recent threats include deepfakes targeting Ukraine's president and Slovakia's 2023 election. Since emerging in 2022, the Play ransomware gang has hit over 900 organizations, making it one of the most dangerous active cybercrime groups, according to a new FBI advisory. This is a sharp rise from 300 attacks reported in its first year. The group targets organizations across the Americas and Europe, often using email or phone threats to pressure victims into paying ransoms. Play frequently exploits flaws in the Simple Help remote monitoring tool and customizes its ransomware for each attack to evade detection. High profile victims include cities like Oakland and Dallas county and even the Swiss government. The FBI also noted possible links between Play and North Korean hackers, suggesting collaboration in some breaches. The group remains highly active, especially against U S based organizations. Google has warned that threat group UNC6040 is targeting Salesforce customers in a widespread voice phishing and data extortion campaign. The group impersonates IT support staff in phone calls, tricking employees into approving access for a modified Salesforce data loader app. This unauthorized tool allows attackers to exfiltrate sensitive data, which is later used for extortion. Around 20 organizations across sectors like education, retail and hospitality in the Americas and Europe have been hit. UNC6040 often leverages social engineering alone. No salesforce vulnerabilities were exploited. Once inside, they move laterally to platforms like Microsoft 365 and Okta. The group claims ties to Shiny Hunters and shows overlap with tactics used by the. COM Collective, including Scattered Spider. Google highlights this as part of a rising trend of attackers targeting IT support roles for initial access. At the AI Expo for national competitiveness, former Biden cybersecurity official Anne Neuberger warned that U.S. critical infrastructure remains highly vulnerable to cyberattacks. She said, I do not have confidence that any part of our infrastructure couldn't be brought down. Citing outdated tech, Internet exposed systems and weaker defenses for operational technology, Neuberger emphasized using AI to identify flaws in legacy systems, including through digital twins for testing. She also stressed the importance of allied intelligence sharing, referencing past cooperation with Israel and Asian partners on threats like election interference and North Korean crypto theft. Now a Stanford lecturer, Neuberger called ongoing federal cyber staffing cuts troubling, but sees AI as a chance to rethink cyber defense, focusing on patching the most critical vulnerabilities before adversaries like China or Russia exploit them. The U.S. state Department is offering up to $10 million for information on foreign government backed hackers using the Redline infostealer malware or on its suspected creator, Russian national Maxim Alexandrovich Rudomatov. This reward, part of the Rewards for Justice program, targets individuals involved in cyberattacks against U.S. critical infrastructure. Rudomitov, charged in October, allegedly managed Redline's infrastructure and laundered payments via crypto. The reward also applies to any associates or state linked use of the malware. Redline and Meta malware platforms were disrupted during Operation Magnus, a joint international effort involving Dutch authorities and Eurojust, leading to server seizures and arrests. Eset helped map 1200 related servers and released a tool for detecting infections. Rudomitov remains at large and faces up to 35 years in prison if convicted. Coming up after the break, my conversation with Anika Gupta from Rubrik. We're discussing the challenges of managing security across systems and some FDA workers want to put their new ELSA AI on ice. Stick around compliance regulations, third party risk and Customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you've ever found yourself drowning in spreadsheets, chasing down screenshots, or wrangling manual processes just to keep your GRC program on track, you're not alone. But let's be clear, there is a better way. Vanta's trust management platform takes the headache out of governance, risk and compliance. It automates the essentials from internal and third party risk to consumer trust, making your security posture stronger. Yes, even helping to drive revenue. And this isn't just nice to have. According to a recent analysis from IDC, teams using Vanta saw a 129% boost in productivity. That's not a typo, that's real impact. So if you're ready to trade in chaos for clarity, check out Vanta and bring some serious efficiency to your GRC game. Vanta GRC how much easier trust can be? Get started at vanta.com cyber Anika Gupta is Chief Product Officer at Rubrik. I caught up with her recently to discuss the challenges of managing security across systems.
[12:50]
Anika Gupta
Well, I think what we can see is that over the past 10 years as people have gone from being predominantly in data centers to adopting a lot More Cloud and SaaS applications within their infrastructure story that what this has meant is that the number of services that they're using, the number of applications and where all of the data that they have within their organization, whether it's their own internal data or their customers data, is living in so many different places. An average organization uses over 100 SaaS applications. They might be leveraging multiple public clouds, they likely have multiple data centers if they they have any on premise footprint. And so when you put all of that together, trying to understand the lay of the land and even knowing and having visibility into what where are your applications and where is your data becomes an overwhelming challenge for most organizations.
[13:47]
Dave Bittner
Well, can we dig into that some, I mean what are some of the specific perils that you see organizations facing when it comes to this?
[13:54]
Anika Gupta
Yeah, I mean certainly from a cyber risk and cybersecurity standpoint, one big challenge is that you have so much data and you have so many applications living in so many different places. And when you're looking at the risk to your organization of an attacker getting to your valuable assets, getting to your tier zero, tier one applications, a big question is well, how do I even know where's my sensitive data? How do I even know what are all the components that make up a Tier 0 or Tier 1 application and that the answers to those questions are actually very, very difficult to answer. Often what organizations are doing is they're looking for their have like an internal essentially program manager going to a bunch of different business leaders and saying, hey, what is your most important application? And then trying to reverse engineer. Well, okay, does that application have data sensitive data in it? What are all the components that are building up that application? And that's, you know, that's just a really challenging situation. What we can see is as a result, organizations are making or having a lot of challenges managing cyber attacks and breaches. In a recent report we did, and research we did, we found that one third of companies have been forced to make leadership changes as a result of cyber attacks and breaches. And at the same time they've increased their security spending by 40%. So people are spending more and yet getting breached more often. And a lot of this is having to do with hey, I can't manage this infrastructure that I now have across my organization that and manage the data that sits within that and understanding what's sensitive and what's super high priority.
[15:39]
Dave Bittner
I guess, I mean it's fair to say that nobody sets out to lose control of this, right? Everybody has, everybody has best intentions. And then is it typically a matter of the team waking up one day and saying, hey gang, we've got a problem here?
[15:54]
Anika Gupta
I don't think it's a one day you wake up and say, hey, I think I have a problem. I think it's just the result of running a business. The reality is, is that businesses have to grow, they have to make money, they have to innovate. And when you have multiple business leaders and multiple R and D organizations and your IT organization, everyone tried to innovate. They're trying to use best of breed solutions and breast of breed tools and applications in order to move faster and deliver business results. So it's just the fact of doing business. And I think security teams for a long time have recognized well and have been anxious about the fact that they're giving up control and that they don't know what's going on in their environments. And as people move to the cloud, you have developers that are just sometimes just spinning up instances without using a golden image or doing a ton of things that are not best practices because they're trying to move fast and people aren't trying to be malicious, they're just trying to do their jobs faster and faster. And AI is only going to exacerbate that even further where people are using AI because It's a great productivity boost. So people are trying to find the best tools, the best mechanisms to do their work better and to deliver those business results. And that's just meaning that over time the tools for visibility and just haven't been able to keep up with the amount of innovation and sprawl that's happening within organizations.
[17:14]
Dave Bittner
Are there common mistakes that you see people making as they try to get this under control?
[17:19]
Anika Gupta
Yeah, I mean, I think one is just say like, and I wouldn't say this is like necessarily super common because I think every, every security leader is trying to do something, but I think some people are also feeling like, well, you know, is this my highest priority thing? Is, is it getting visibility across my applications and data? Is that my highest priority issue or is it just trying to mitigate the active attacks that are happening to me right now? And I think that's a real trade off that some organizations have to make based on resources, both people resources, as well as technology, budget, etc. So I think there are some, some organizations that are not saying, hey, how do I lay the foundation? Which starts with visibility and understanding your applications, understanding where does your sensitive data live, and being able to classify that so you can protect your most valuable crown jewels and not have to worry about every single alert that's, that's emerging and trying to mitigate that, especially if it's against something that isn't super important to your organization. I mean, you still have to go do all of that work too. But I think a lot of teams get caught in the reactive mode and not enough in the, hey, what can I do proactively to give myself more visibility so I can be better prepared for the future? And where, where do I lack visibility? People lack visibility all over the place. So how do you decide what you invest in first to like give you the visibility that you need in your organization? And I would argue that having visibility into your sensitive data and your sensitive applications is a super, super important building block. It's also really hard to do. So often folks don't invest enough in it because it just is a, it's a big initiative to, to go after.
[19:00]
Dave Bittner
Well, when you say visibility, how do you specifically define that?
[19:06]
Anika Gupta
I think like, understanding. For instance, if you're a, let's say you're a financial institution, understanding in the course of your business, what is the most, what are your most important applications that you just cannot afford to be down because it would actually just completely break your organization or cause you massive regulatory issues? That's one. And then Being able to understand well for my organization what is the data that is most important and most sensitive and confidential. Again, maybe because it's related to your customers or because of regulatory issues that may emerge if that data is breached or lost in some way. And if you can understand both of those things of hey, I know what my applications look like that are my most important. So for banking it's probably the core banking application. It's the core way that they manage money transfers across accounts and in and out of the bank. Like those are the things that are going to be the absolute critical applications. And then the data might be like their customers personal information and their customers financial information that might be their most critical asset because that's the thing that if it gets breached or lost, like they're in a massive, it's a massive, massive risk to the organization. So I think like leaders have to take this approach of for my organization, where does my highest risk lay both in terms of the applications themselves and the data and then how do I get visibility into this on an ongoing basis of how do I identify these critical applications and then how do I identify where does critical customer data live so that you can on ongoing basis monitor that, making sure that critical customer data isn't going into a dev instance or isn't getting exposed to public IPs on the Internet, things like that that are very critical to manage in order to ensure that you protect those cred.
[21:01]
Dave Bittner
For someone who's ready to go down this path, what sort of advice do you have for them specifically in terms of how disruptive this is going to be or not as they begin the process?
[21:16]
Anika Gupta
So I think as with any change, you have to think about both as a leader, you have to think about both the people, the process and the technology that's going to be involved in making this change. So from a people perspective, like who are you going to allocate to making this successful? How are you going to make sure that the key business leaders are brought along with this? Because it's not like it or security can go do this effort in a vacuum. They need the cooperation of the business leaders across the organization. They need to figure out how can like why are they doing this effort? How do they articulate the why? How do they articulate the risk to the organization and how they're trying to mitigate those risks by going down and doing these efforts. And I think from a process perspective, really like you can't boil the ocean in this. Like you have to figure out where do I get started and Maybe you get started with one application, one type of data and really get a good handle on what is it going to take to not only just create this like kind of catalog once, but how are you going to do this on an ongoing basis and maintain it for one, you know, a subset of use cases within your organization and then you expand that over time and you get coverage of more applications, more types of data, more footprints so that you're able to continuously get better because it really is going to be a journey and then from a technology perspective, really looking at what are solutions that can serve your organization best, knowing that most organizations again have applications and data sitting across on prem cloud and SaaS. So can you buy a technology that's not just a product point solution for one type of application in your organization or one type of use case? But, but, but buy something that's going to take you on that, that's going to be on that journey with you, that's going to give you centralized management and visibility no matter where your applications are, where your data is. And making those technology choices and the right technology choices early is really going to help be an accelerant for both the people and process.
[23:19]
Dave Bittner
That's Anika Gupta from Rubrik. And finally, in what could be described as the FDA's leap into the future or a fast forward stumble, the agency has rolled out elsa, a generative AI tool built to make government work more high tech and ideally less glacial. Heralded as the dawn of a new AI era, ELSA is supposed to help everyone from scientific reviewers to inspectors whip through data and spot health risks faster than a caffeine fueled intern. But according to FDA insiders, ELSA might be better suited to writing office memos than evaluating life saving drugs. The system, based on anthropics clawed and developed by Deloitte to the tune of $28.5 million, has already been caught spouting inaccuracies and offering partial truths, which to be fair, is kind of on brand for Washington. Staff have labeled it rushed, buggy and more hype than help. Still, the FDA insists it's secure and promising. Just maybe keep ELSA away from clinical decisions for now. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights through the end of summer. There's a link in the show notes. Please take a minute and check it out. N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilby is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Hey, everybody. Dave here. I've talked about Delete Me before, and I'm still using it because it still works. It's been a few months now, and I'm just as impressed today as I was when I signed up. Deleteme keeps finding and removing my personal information from data broker sites. And they keep me updated with detailed reports so I know exactly what's been taken down. I'm genuinely relieved. Knowing my privacy isn't something I have to worry about every day. The Delete Me team handles everything. It's the set it and forget it peace of mind. And it's not just for individuals. Deleteme also offers solutions for businesses, helping companies protect their employees personal information and reduce exposure to social engineering and phishing threats. And right now, our listeners get a special deal. 20% off your delete me plan. Just go to JoinDeleteMe.com N2K and use promo code N2K at checkout. That's JoinDeleteMe.com N2k. Code N2K.