Author: tio

  • Comparison Shopping Is Not a (Computer) Crime

    As long as people have had more than one purchasing option, they’ve been comparing those options and looking for bargains. Online shoppers are no exception; in fact, one of the potential benefits of the internet is that it expands our options for everything from car rentals to airline tickets to dish soap. New AI tools can make the process even easier. These tools could provide some welcome relief for consumers facing sky-high prices that many cannot afford.

    Unfortunately, Amazon is trying to block these helpful new tools, which can steer shoppers towards competitors. Taking a page from Facebook and RyanAir, they are trying to use computer crime laws to do it. 

    Amazon’s target is Perplexity, which makes an AI-enabled web browser, called Comet, that allows users to browse the web as they normally would, but can also perform certain actions on the user’s behalf. For example, a user could ask Comet to find the best price on a 24-pack of toilet paper, and if satisfied with the results, have the browser order it. Amazon claims that Perplexity violated the Computer Fraud and Abuse Act (CFAA) by building a tool that helps users access information on Amazon and engage with the site.

    Unfortunately, a federal district court agreed. The court’s fundamental mistake: relying on the Ninth Circuit’s misguided decision in Facebook v Power Ventures, rather than the court’s much better and more applicable reasoning in hiQ Labs.

    Perplexity has appealed to the Ninth Circuit. As we explain in an amicus brief filed in support, the district court’s mistake, if affirmed, could lead to myriad unintended consequences. Overbroad readings of the CFAA have undermined research, security, competition, and innovation. For years, we’ve worked to limit its scope to Congress’s original intention: actual hacking that bypasses computer security. It should have nothing to do with Amazon’s claims here, not least because most of Amazon’s website is publicly available.

    The court’s approach would be especially dangerous for journalists and academic researchers. Researchers often create a variety of testing accounts. For example, if they’re researching how a service displays housing offers, they may create separate accounts associated with different race, gender, or language settings. These sorts of techniques may be adversarial to the company, but they shouldn’t be illegal. But according to the court’s opinion, if a company disagrees with this sort of research, it can’t just ban the researchers from using the site; it can render that research criminal by just sending a letter notifying the researcher that they’re not authorized to use the service in this way.

    A broad reading of CFAA in this case would also undermine competition by enabling companies to limit data scraping, effectively cutting off one of the ways websites offer tools to compare prices and features.

    The Ninth Circuit should follow Van Buren’s lead and interpret the CFAA narrowly, as Congress intended. Website owners do not need new shields against independent accountability.

  • Nepal Frees Former Premier Held Over Deadly Crackdown on Youth Protests

    Following an order from the Supreme Court of Nepal, authorities released on Thursday the country’s former prime minister and his home minister, ending a two-week detention on criminal negligence charges stemming from a deadly police crackdown on youth-led protests last year.

    The release of the former premier, K.P. Sharma Oli, and the former home minister, Ramesh Lekhak, marks the latest twist in a political upheaval that has reshaped the Himalayan nation. The two men were arrested on March 28, barely 18 hours after Balendra Shah, a 35-year-old rapper-turned-politician and former mayor of Kathmandu, was sworn in as prime minister with a mandate to deliver accountability.

    Their detention was directly tied to the violent suppression of the massive “Gen Z” demonstrations in 2025 that left 76 people dead. A high-level investigative commission recently concluded that the fatalities resulted from extreme negligence and a failure of command responsibility. The commission formally recommended the criminal prosecution of Oli, Lekhak, and Chandra Kuber Khapung, the former national police chief.

    The Supreme Court, which had initially declined to intervene when the men were arrested under emergency government warrants, ruled on Monday that the authorities must either formally conclude their investigation or free the suspects. Pravin Dhital, a spokesperson for the Kathmandu Valley Police, said both former officials were released on the condition that they remain available to investigators.

    Oli, 74, who resigned in September 2025 as the street demonstrations reached a boiling point, is currently hospitalized. He was admitted for heart complications shortly after his arrest and said he would remain under medical supervision for further testing.

    In a statement posted to social media following his release, Oli dismissed the investigation as a politically motivated witch hunt. He asserted that the new government had acted “with prejudice and vindictiveness,” holding him for 13 days without sufficient evidence. Despite the collapse of his government last fall, the four-time prime minister remains a formidable political force, having been elected to a third term as chairman of the Communist Party of Nepal (Unified Marxist-Leninist) in December.

    In a separate but equally high-profile move toward political accountability, Nepal’s anti-corruption agency filed criminal charges against a former speaker of Parliament, Krishna Bahadur Mahara, and his son in connection with an international smuggling ring.

    The Commission for the Investigation of Abuse of Authority alleged that Mahara, his son Rahul, and senior customs officials smuggled more than 8.4 kilograms of gold into the country in 2022 by concealing it inside electronic cigarettes at Tribhuvan International Airport.

    According to the charge sheet, the scheme generated more than 77 million Nepali rupees (about $527,000) in illicit proceeds, which were subsequently “laundered through land purchases and bank accounts belonging to various associates and Dexter Travels and Tours Pvt. Ltd.”

    Mahara was initially arrested in October 2025 in the wake of the mass protests that toppled the political establishment, though he was released on bail the following month.

  • EFF is Leaving X

    After almost twenty years on the platform, EFF is logging off of X. This isn’t a decision we made lightly, but it might be overdue. The math hasn’t worked out for a while now.

    The Numbers Aren’t Working Out

    We posted to Twitter (now known as X) five to ten times a day in 2018. Those tweets garnered somewhere between 50 and 100 million impressions per month. By 2024, our 2,500 X posts generated around 2 million impressions each month. Last year, our 1,500 posts earned roughly 13 million impressions for the entire year. To put it bluntly, an X post today receives less than 3% of the views a single tweet delivered seven years ago. 

    We Expected More

    When Elon Musk acquired Twitter in October 2022, EFF was clear about what needed fixing.

    We called for: 

    • Transparent content moderation: Publicly shared policies, clear appeals processes, and renewed commitment to the Santa Clara Principles
    • Real security improvements: Including genuine end-to-end encryption for direct messages
    • Greater user control: Giving users and third-party developers the means to control the user experience through filters and interoperability.

    Twitter was never a utopia. We’ve criticized the platform for about as long as it’s been around. Still, Twitter did deserve recognition from time to time for vociferously fighting for its users’ rights. That changed. Musk fired the entire human rights team and laid off staffers in countries where the company previously fought off censorship demands from repressive regimes. Many users left. Today we’re joining them. 

    “But You’re Still on Facebook and TikTok?” 

    Yes. And we understand why that looks contradictory. Let us explain. 

    EFF exists to protect people’s digital rights. Not just the people who already value our work, have opted out of surveillance, or have already migrated to the fediverse. The people who need us most are often the ones most embedded in the walled gardens of the mainstream platforms and subjected to their corporate surveillance. 

    Young people, people of color, queer folks, activists, and organizers use Instagram, TikTok, and Facebook every day. These platforms host mutual aid networks and serve as hubs for political organizing, cultural expression, and community care. Just deleting the apps isn’t always a realistic or accessible option, and neither is pushing every user to the fediverse when there are circumstances like:

    • You own a small business that depends on Instagram for customers.
    • Your abortion fund uses TikTok to spread crucial information.
    • You’re isolated and rely on online spaces to connect with your community.

    Our presence on Facebook, Instagram, YouTube, and TikTok is not an endorsement. We’ve spent years exposing how these platforms suppress marginalized voices, enable invasive behavioral advertising, and flag posts about abortion as dangerous. We’ve also taken action in court, in legislatures, and through direct engagement with their staff to push them to change poor policies and practices.

    We stay because the people on those platforms deserve access to information, too. We stay because some of our most-read posts are the ones criticizing the very platform we’re posting on. We stay because the fewer steps between you and the resources you need to protect yourself, the better. 

    We’ll Keep Fighting. Just Not on X

    When you go online, your rights should go with you. X is no longer where the fight is happening. The platform Musk took over was imperfect but impactful. What exists today is something else: diminished, and increasingly de minimis.

    EFF takes on big fights, and we win. We do that by putting our time, skills, and our members’ support where they will effect the most change. Right now, that means Bluesky, Mastodon, LinkedIn, Instagram, TikTok, Facebook, YouTube, and eff.org. We hope you follow us there and keep supporting the work we do. Our work protecting digital rights is needed more than ever before, and we’re here to help you take back control.

  • Introducing the DWeb Camp 2026 Venue: Alte Hölle


    As our group of DWeb Camp organizers arrived at Wiesenburg station, frazzled by countless train delays in Berlin, a light rain and a blossoming gray winter sky welcomed us.

    Moments after our arrival, a car and a van swooped up in front of us. Two of Alte Hölle’s stewards, Marv and Störte, had come to pick us up. During our days at this former forest hotel, we heard a common refrain: Imagine this place greener and warmer. Still, we did not have to stretch our imaginations very far. From the very first moment we laid eyes on Alte Hölle e.V., the only thing we could see was DWeb Camp 2026.

    “We are just starting to wake up,” Marv told us while we looked across the property in late February. Just a couple of weeks earlier, snow levels reached an almost record 71 cm, and temperatures sank to double digits below zero. We arrived at this Brandenburg event space as bare trees, families of wild boars, and humans alike were emerging from their winter hibernation.


    Alte Hölle has a very special history. Originally built in the 1800s as a Prussian forestry administration center, it later became a recreational facility for the Secret Service of communist Eastern Germany. Then a woman purchased it in the 1990s and managed it for three decades as a forest getaway spot. By 2021, the hotel wasn’t making a profit and she was searching for successors to take over. The full potential of this historic venue was yet to be recognized and realized.

    A photo of Alte Hölle during the summer
    The pool of Alte Hölle at night

    At the same time, a diverse ensemble of friends who met at Chaos Communication Congress got together, looking for a place to establish a physical base to gather, build and host events and festivals. The old forest hotel was finally seen by the right sets of eyes, imagining it in a new light!

    The façade of the hotel at night, lit by coloured lights

    These ardent builders and dreamers booked the whole hotel for a week, coming up with ideas and ways to infuse the space with new life. After witnessing their process, the original owner slowly decided that selling her life’s work to a loose group of DIY enthusiasts was really the best option.

    In 2021, this group purchased Alte Hölle, transferring the property to an association to ensure its long-term stability as individual involvement shifts and changes. Ownership by an association establishes Alte Hölle as a collectively-run physical commons. The members of the collective chipped in smaller amounts to secure a long term loan, thus collectivizing and decentralizing ownership and financial risk.

    Rural Brandenburg isn’t exactly a cultural hotspot attracting scores of young people. Yet, for the Alte Hölle collective this place offers an opportunity to usher in change and a new cultural presence in the Brandenburg area. “We don’t want to be a group of happy dropouts isolated from society,” Störte explained to us. “Our intention is to look outward, participating in local initiatives, bringing people to this place, and being a backbone for community organising and democratic practice.”

    The Alte Hölle collective welcomes open involvement in decision-making and shaping the future of the project. Alte Hölle’s governance model is non-hierarchical and based on consensus. It’s hard to distinguish between who lives there and who doesn’t: people come and go, but they still actively contribute to decision-making and developing Alte Hölle’s infrastructure. “We want to blur the lines as much as possible between who is here and who is not, because not everyone can afford to work remotely and stay long term, but this should not influence their sense of belonging to the project,” says Franzi, one of the stewards of the venue.

    Alte Hölle runs as a seminar hotel for a broad variety of groups. Other collectives come there to organize retreats, literary groups hold reading events on the grounds, bike enthusiasts come for week-long workshops. And from July 8-12 2026, Alte Hölle is welcoming DWeb Camp.

    How did we select this unique place an hour southwest of Berlin? It becomes clear if you look back at the history of Camp and the principles that guide our decisions.

    Since our first outdoor convening, we’ve aspired to work closely with our venue’s stewards to help improve the land. We did so at the Mushroom Farm in 2019, when we brought stable internet to the remote California coastal location by building a tower and installing antennas across the property to establish a local mesh network. We want DWeb Camp to be firmly grounded in a place. A place with history, community, strong values, and aspirations. A place that shares our principles of giving agency to people, distributing value and power broadly. DWeb seeks to achieve this in the digital realm; Alte Hölle does so in a collectively-run 100,000 square meters of forest and field.

    In November, we sent an email to share our ideas and explore the possibility of hosting Camp at Alte Hölle. Marv was the first to see our inquiry. “As I read that email, a few things immediately just clicked. The right values, talks and workshops with interesting content and initiatives. I sent a very enthusiastic reply, and a couple of weeks later we were walking the place together with a first exploratory delegation from DWeb.”

    Then in February, a dozen members of our team convened to survey the site and start planning the details.

    A dozen organizers from DWeb and the Department of Decentralization survey the main field where campers will set up their tents.
    Marv of Alte Hölle pointing out power, connectivity, and other features of the 100,000 square meters of the property.

    So now, the organizing machine is in full motion. We are meeting the vibrant culture of Alte Hölle with the joyful spirit of DWeb Camp. Not only will we have a lot of infrastructure to build, but also many things to make! Using wood sourced from local forests, we plan to craft benches, tables, and some other key structures we’ll need at camp.

    The DWeb and Department of Decentralization organizers and the Alte Hölle community are looking forward to welcoming you to this land of rich history and abundant promise.

    As Franzi shared, “I love the idea and the principles behind DWeb Camp, and I am really looking forward to having an international event with many people coming from all around the world!”

    Tents in the Alte Hölle field
    A music festival at Alte Hölle
    Sunrays and people walking on the Alte Hölle field.
  • Chilean Police Dismantle $917 Million Copper Smuggling Ring

    Chilean authorities said they have dismantled a massive criminal syndicate accused of stealing and illegally exporting $917 million worth of copper to Asia over a five-year period. During a nationwide sweep dubbed Operation “High Voltage,” Chilean police raided more than 50 locations, arresting 28 people and seizing 187 tons of stolen copper, along with dozens of properties, vehicles, and firearms.

    Investigators said the stolen metal was primarily smuggled to buyers in China between 2020 and 2025. The high-stakes theft highlights supply chain vulnerabilities in Chile, which is the world’s largest copper producer and accounts for roughly 27 percent of the global supply.

  • Study: 2.5 Million Americans Lost Food Aid After GOP Megabill

    At least 2.5 million low-income people quickly lost help affording groceries under a Republican-passed law that added new requirements for the nation’s largest nutrition program and shifted hundreds of millions of dollars in costs from the federal government to states, according to a study published by the Center on Budget and Policy Priorities on Wednesday.

    Some 6% of the 41 million Americans who had been enrolled in the Supplemental Nutrition Assistance Program, or SNAP, when President Donald Trump signed the One Big Beautiful Bill Act on July 4, 2025, were no longer receiving benefits by the end of the year. 

    The left-leaning think tank’s report was based on U.S. Department of Agriculture and state agency data from July to December 2025. 

    Arizona was the largest outlier in the data, with a whopping 47% of people in the program — about 424,000 Arizonans — losing benefits in 2025, according to the think tank, which cited more recent state agency data in addition to last year’s USDA numbers.


    Full-year 2025 data from the USDA, which operates the federal side of SNAP, shows an even bigger drop of 3.4 million people, or roughly 8% of the program’s total, CBPP said. SNAP is federally funded and administered by states, though that cost-share will change under the law.

    In a late Wednesday email, a USDA spokesperson applauded the drop in SNAP participation, noting the program’s rolls had fallen below 40 million for the first time since the pandemic. The spokesperson said the program would continue “to serve those with the greatest need while also strengthening program integrity.”

    “This change reflects several factors, including the most comprehensive work requirement reform since 1996, the One Big Beautiful Bill of 2025, as well as USDA initiatives that expand access to employment services, career and technical education, and case‑management support through USDA’s More Than a Job campaign,” the spokesperson wrote.

    Incentives for states

    The study was not intended to find a cause for the decline, co-author Joseph Llobrera, the CBPP’s senior director of research for food assistance, said in an interview. But he noted the law created incentives for states to limit participation in the program. 

    Under a provision of the law that is not yet in force, the share of the program’s cost that states must shoulder is tied to the state’s “error rate” — the ratio of payments that were made to people who shouldn’t have qualified for benefits. 

    That motivates states to restrict access to the program, without providing a corresponding reward for expanding access, Llobrera said.

    “So the incentive structure that’s in place, it really pushes states to make it harder to get onto the program for people who need that assistance,” he said.

    The drop in participation happened without improving economic conditions, such as a decline in the unemployment rate, the researchers said. 

    That indicates people are moving off the rolls due to changes in the program, not because their circumstances have improved to the point they no longer need food assistance, the study said.

    Many provisions of the law have not yet gone into effect. The error rate penalties, for example, start in fiscal year 2028.

    Design, not a bug

    In part, though, that restriction is by design, as the law’s supporters intended to cut SNAP benefits for recipients who met certain criteria and to control what they portrayed as fraud and waste at the state level. 

    The cuts in the federal share of SNAP funding helped pay for massive tax cuts and a boost to military spending in other parts of the megabill, which Republicans passed without any Democratic support through a process known as budget reconciliation.


    The proponents of the agriculture section of the megabill championed provisions to make beneficiaries report their eligibility more often, boost work requirements, disqualify certain categories of legal immigrants, raise the age of children at which parenting would cease to qualify as work and otherwise tighten the availability of the program.

    The provisions would help ensure only those who truly needed the federal assistance would get it, advocates said. 

    It would also create an incentive for states to control erroneous payments, which was not the case when the federal government took on the entire cost of the program before the bill’s enactment.

    “It is a disservice to the truly needy to rely on SNAP,” House Agriculture Committee Chairman Glenn “GT” Thompson, a Pennsylvania Republican, said as his panel marked up the bill last year. “Clearly, SNAP is not working as Congress intended. We must ensure the proper incentives are in place for states to administer the program more effectively for those it serves.”

    Llobrera said he understood the rhetoric in favor of increasing restrictions on the program, but that the center at the time was “raising the alarm that the bill was going to hurt people.”

    A spokesperson for Thompson did not respond to a request for comment Wednesday.

    A combination of factors in Arizona

    The CBPP report included a breakout section on Arizona, where SNAP enrollment dropped much further than in any other state.

    As in other states, economic gains did not explain the changes in Arizona, the case study said.

    “This dramatic drop cannot be explained by a rapid improvement in people’s economic well-being or reduced need for help affording food,” the report said, noting that Arizona’s unemployment rate rose over the period of the study, while the cost of groceries rose about 4% in 2025.

    The state’s Democratic governor, Katie Hobbs, and state agency spokespeople have blamed the GOP law for the drastic reduction in benefits, the study said, but the decline goes beyond what would be expected based on the law’s provisions. 

    That suggests that state administrators — even under Democratic leaders — are going beyond the minimum requirements of the law to restrict access, the authors said.

    “Thus, it appears that a combination of factors, including the megabill and the state’s response to it, are contributing to the sharp decline in the number of Arizona families getting SNAP,” they wrote.

    Because the law also raises the costs to states of administering the program, in addition to requiring states to pay for a portion of benefits, some, including Arizona, cut staff ahead of the law’s enactment, Llobrera said. 

    “With the cuts to the administrative funding for states due to that megabill, those are only just going to accelerate,” he said.

    Benefits turned off and on

    Such changes to SNAP rules added to an already tumultuous period for the program’s recipients. Over the course of a then-record-long partial government shutdown last year, benefits were constantly turned off and on as the Trump administration said it could not spend SNAP funds during a shutdown and federal courts held that benefits must be paid.

    Spokespeople for the White House did not return messages seeking comment Wednesday.

    The post Study: 2.5 Million Americans Lost Food Aid After GOP Megabill appeared first on Truthdig.

  • Ukraine Advances Vote-Buying Case Against Faction Leader in Parliament

    Anti-corruption agencies in Ukraine have completed their investigation into a prominent member of Parliament suspected of orchestrating a sprawling vote-buying scheme, clearing the way for the case to go to trial.

    While authorities did not formally name the suspect in their announcement, Ukrainian news media widely identified the faction leader as Yulia Tymoshenko, the two-time former prime minister and head of the Batkivshchyna party.

    According to the National Anti-Corruption Bureau of Ukraine and the Specialized Anti-Corruption Prosecutor’s Office, the lawmaker attempted to establish a highly organized bribery network within the legislature starting in December 2025. Rather than negotiating one-off deals, investigators allege the politician proposed a regular payment system. Under this mechanism, selected lawmakers would receive money in advance in exchange for voting as instructed, abstaining, or deliberately skipping parliamentary votes.

    Investigators noted that the alleged plot was initiated even as authorities were actively exposing separate cases of illicit payments to members of Parliament.

    Having risen to national prominence two decades ago as a leader of the pro-democratic Orange Revolution before serving as prime minister from 2005 to 2010, Tymoshenko is no stranger to legal jeopardy. Over the years, she has faced a litany of accusations—ranging from bribery and the misuse of state funds to murder—though most of the charges were ultimately dismissed.

    She was officially notified of suspicion in January 2026 and has vehemently denied the allegations, characterizing them as politically motivated. Following police searches of her office, Tymoshenko dismissed the probe as a public relations stunt and a political instruction aimed at undermining her.

    Later in January, Ukraine’s High Anti-Corruption Court set her bail at more than 33 million hryvnias, or approximately $800,000, which local media reported was promptly paid on her behalf. The court also authorized the seizure of property taken during the raids, including assets registered to her husband. However, a judge canceled the seizure of $6,300 in cash, returning the money to the family.

    With the pretrial investigation now concluded by both anti-corruption bodies, prosecutors are preparing to formally bring the case before a judge, setting the stage for another dramatic legal battle for one of Ukraine’s most recognizable political figures.

  • ‘Snoopy’, ‘Adolf’ and ‘Password’: The Hungarian Government Passwords Exposed Online


    Almost 800 Hungarian government email addresses and associated passwords are circulating online, revealing basic vulnerabilities in the security protocols of ministries involved in classified and sensitive work.

    A Bellingcat analysis of breach data shows that 12 of the government’s 13 ministries have been affected, in some cases exposing the confidential information of military personnel and civil servants posted abroad.

    Among those affected were a senior military officer responsible for information security, a counter terrorism coordinator in the foreign affairs department, and an employee whose role was to identify hybrid threats against the country.

    The revelations come as Hungarians head to the polls this Sunday to decide if Viktor Orbán, leader of the right-wing populist party Fidesz and the country’s longest-serving prime minister, will be elected to a fifth consecutive term.

    This is not the first time that deficiencies in the Hungarian government’s IT security have been revealed. In 2022, ahead of Hungary’s last election, Direkt36 reported that Russia’s intelligence services had gained access to the computer network of the Hungarian foreign ministry, including its internal communications channels.

    It said Russian cyber attacks against the Hungarian government had been occurring for at least a decade and extended to the foreign ministry’s encrypted network for transmitting classified data and confidential diplomatic documents.

    At the time, the foreign ministry denied it had been hacked. But in 2024, news outlet 444 published a letter that had been sent from Hungary’s National Security Service to the foreign ministry six months before the cyberattack was first reported. The letter linked the attacks to Russia and described more than 4,000 workstations and 930 servers as “unreliable”.

    As part of this new analysis, Bellingcat identified a total of 795 unique email and password combinations among thousands of search results for Hungarian government domains in breach databases. Key departments that handle the country’s governance, defence, foreign affairs and finances were the worst affected.

    The analysis does not include central government agencies that operate under the government’s official ministries and use separate domains, such as the tax and customs administration or the police – meaning breaches affecting government employees could be even more widespread.

    The findings are not evidence of high-tech infiltration of Hungarian government systems. Instead, our analysis indicates that the breaches are more likely the result of poor digital hygiene. In many cases, staff used simple passwords along with their government email addresses for what appear to be non-work-related matters, such as signing up to dating, music, sport and food websites.

    Some government workers used easy-to-guess passwords such as variations of the word “Password” or the number sequence “1234567”. One employee whose credentials were exposed in the 2012 LinkedIn hack used the password “linkedinlinkedin”. Another, in the defence ministry, used their surname. One leaked password from an employee in the foreign affairs ministry was “embassy13hungary”. 
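
    The password habits described above map onto checks an identity team can run when a password is set. The following is an added example, not code from Bellingcat or the original article: a screening function that flags each class of weakness the analysis lists. The denylist is seeded only with passwords quoted in the article, the 8-character minimum follows NIST SP 800-63B, and the account names, service name and organisation terms in the demo are constructed.

```python
import re

# Denylist seeded with passwords quoted in the article; a production list
# would be far larger (assumption: lower-case base words only).
COMMON_WORDS = {"password", "snoopy", "adolf", "arsenal", "paprika"}

# Undo the usual character substitutions before the denylist lookup.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

MIN_LENGTH = 8  # NIST SP 800-63B minimum for user-chosen passwords


def _base_word(password):
    """Strip leading/trailing digits and symbols, then undo substitutions."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return core.translate(LEET)


def _is_digit_run(password):
    """True for 1234567, 7654321, 0000000 and similar keypad runs."""
    if not password.isdigit() or len(password) < 2:
        return False
    steps = {(int(b) - int(a)) % 10 for a, b in zip(password, password[1:])}
    return steps in ({1}, {9}, {0})


def _is_repeated_unit(password):
    """True when the whole string is a shorter string repeated."""
    return len(password) > 1 and password in (password + password)[1:-1]


def _contains_any(password, terms):
    lowered = password.lower()
    return any(len(t) >= 3 and t.lower() in lowered for t in terms)


def screen_password(password, user_names=(), service_names=(), org_terms=()):
    """Return the list of reasons a candidate password should be rejected.

    user_names    -- parts of the account holder's name (surname, given name)
    service_names -- name(s) of the site the account is for
    org_terms     -- words tied to the employer or role
    An empty list means none of these checks fired.
    """
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too-short")
    if _base_word(password) in COMMON_WORDS:
        reasons.append("common-word")
    if _is_digit_run(password):
        reasons.append("digit-sequence")
    if _is_repeated_unit(password):
        reasons.append("repeated-unit")
    if _contains_any(password, service_names):
        reasons.append("service-name")
    if _contains_any(password, user_names):
        reasons.append("user-name")
    if _contains_any(password, org_terms):
        reasons.append("context-word")
    return reasons


if __name__ == "__main__":
    # Constructed account context for the demo.
    ctx = dict(user_names=("Anna", "Kovacs"),
               service_names=("linkedin",),
               org_terms=("embassy", "hungary"))
    for candidate in ("Passw0rd!", "1234567", "linkedinlinkedin",
                      "embassy13hungary", "Kovacs1985",
                      "vivid-otter-lantern-42"):
        print(f"{candidate!r:28} {screen_password(candidate, **ctx) or 'ok'}")
```

    A check like this complements, and does not replace, screening new passwords against a corpus of previously breached credentials.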

    Multiple breaches also contained phone numbers, addresses, dates of birth, usernames and IP addresses – data that, when exposed, could pose security risks.  

    Additionally, a search of breach databases showed instances where computers have been infected with malware designed to steal login credentials. These records show that 97 machines across Hungarian government departments had been compromised, with stealer logs from as recently as last month found in the data.

    Bellingcat contacted the Hungarian government’s spokesperson and the Prime Minister’s office, but did not receive a response.

    The Weakest Link: Searching Breach Data

    Breach databases are large collections of credentials harvested from previous cyber incidents. These databases can be searched by domain to identify email addresses belonging to a specific organisation, company or government. 

    Darkside allows users to search a repository of breach data from the clear and dark web.

    Bellingcat used Darkside, a paid service by District 4 Labs, to search the main email domains assigned to each of the Hungarian government’s 13 ministries. 

    In total, 795 breaches containing government emails and associated passwords were identified. But most – 641 breaches – were linked to just four central institutions. 

    In the examples detailed below, staff have been anonymised. However, Bellingcat has confirmed these accounts are genuine by cross-checking the employees named in the breaches against media reports and online profiles, such as LinkedIn.  

    Ministry of Interior – this “super-ministry” oversees everything from health and education to the police, immigration, disaster management and local government 

    Bellingcat identified 170 sets of emails and passwords linked to the domain used by the ministry in charge of domestic affairs. Passwords used by staff in this department included “Arsenal” and “Paprika”. Some used passwords that contained only three or four letters. We traced these accounts to professional profiles and government web pages listing both junior and senior staff.

    One senior official in the prison service used the password “adolf”. After it appeared in breach databases the password was changed twice – first to a five-digit number and then to what appeared to be the name for a pet dog. The passwords were subsequently breached again. Bellingcat identified this employee through several instances of their name and email address being listed on public-facing documentation, including a press release celebrating an award for outstanding professional work.  

    Ministry of Defence – responsible for national defence policy and directing the country’s defence forces

    The credentials of staff working for the Ministry of Defence were found in 120 compromised records. This includes a 2023 breach of NATO’s eLearning services which resulted in 42 records containing emails, passwords and phone numbers becoming public.

    The breaches peaked in 2021 but continued up to 2026. Included in the data were stealer logs, indicating that machines within the department may have been infected. 

    Military personnel from junior ranks to command positions were identified. A Brigadier General used a common six-letter nickname, based on his own, to sign up to a film festival. A Colonel specialising in “information security” took inspiration from an English football manager for his password: “FrankLampard”. A district director used the password “123456aA”, while a high-ranking member of Hungary’s delegation to NATO used a password that translates in English to “cute”. 

    Ministry of Foreign Affairs and Trade – responsible for international relations; Hungarian embassies and consulates operate under the direction of the department

    The credentials of current and former foreign affairs personnel have been exposed in dozens of data breaches from 2011 to February 2026. In total, there were 107 email and password combinations linked to this government ministry. 

    Among the staff affected were a deputy head of mission, consuls, diplomats and communications personnel posted in Europe, the Americas and the Middle East. These include a counter-terrorism coordinator, an EU spokesperson, and an individual whose role was to identify hybrid threats to Hungary.

    Although the breaches peaked in 2020, with emails being found in 42 separate breaches indexed by Darkside, foreign affairs ministry emails have been circulated, often with passwords, in 36 separate breaches since the beginning of 2024. The most recent breaches were in 2026.  

    Simple passwords appear to have left Hungary’s foreign affairs ministry vulnerable. In some cases, employees used a password that consisted of their own name and a two-digit number. Others appeared to take inspiration from pop culture: “porsche911”, “frogger” and “Batman2013” are examples of real passwords used by staff.

    Ministry of National Economy – oversees economic policy and financial strategy, including budget preparation and reducing national debt

    Bellingcat’s analysis shows that staff in the Ministry for National Economy suffered 99 breaches. The Ministry of Finance, which was merged into this department in 2025, had suffered 145 breaches.

    Among the breached data were the credentials of a deputy state secretary, who used the password “snoopy”. Other staff members used their date of birth or the word “Jelszo” – the Hungarian word for password.

    A senior advisor who currently works in the ministry had their credentials breached four times using four different passwords, including “Kurvaanyad1” (roughly translated to “your mother is a wh**e”).

    Cybersecurity Not Taken Seriously

    Szabolcs Dull, a political analyst and the former editor-in-chief of the independent Hungarian news websites Index and Telex, said the government had failed to prioritise data security. 

    “It’s clear from the data breaches that have come to light that government agencies did not take data security seriously,” he said. 

    “This suspicion arose even when Russian hackers breached the foreign ministry’s IT system. That is why I believe Hungarian politicians and the public will interpret this new information as a continuation and confirmation of the Russian hacking story.”

    Dull added that he was not aware of any investigation having been launched following the 2022 revelations of the Russian hack.

    Kata Kincső Bárdos, a cybersecurity expert in Hungary, said it was difficult to understand why stricter controls would not be consistently enforced in government environments handling sensitive data.

    She said governments should not only apply baseline rules for passwords – such as requiring staff to use long, unique passwords and multi-factor authentication (MFA) – but also continuously monitor for compromised credentials and suspicious access patterns.

    “Without MFA, systems become significantly more vulnerable to common attack methods such as phishing and credential stuffing,” she said. “A single compromised password can provide immediate access to internal systems.” 

    Bárdos added that unauthorised access to government systems should automatically trigger incident response procedures, investigation and containment measures.

    “It is also important to note that targeting lower-level employees is a well-documented and common tactic,” she said. “Attackers frequently gain initial access through phishing or weak credentials and then move laterally within systems.”
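
    The weak patterns described in this article (a service name typed twice, a ministry-related word, a common base word padded with a few digits, a value already present in a breach corpus) can be screened for at the moment a password is set. The following is an added example, not part of the Bellingcat article; the function names, the 12-character minimum, the base-word list and the sample breached set are assumptions made for illustration.

```python
import hashlib
import re
import unicodedata

MIN_LENGTH = 12   # assumed policy value for this example
MAX_PADDING = 4   # extra characters tolerated around a common base word
# Assumed seed list; a deployment would load a much larger blocklist.
COMMON_BASES = {"password", "jelszo", "qwerty", "123456", "1234567"}


def normalise(text):
    """Lower-case, strip accents, keep only ASCII letters and digits."""
    ascii_text = unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z0-9]", "", ascii_text.lower())


def context_tokens(*sources):
    """Words guessable from the account itself (name, email, service, employer)."""
    tokens = set()
    for source in sources:
        for word in re.split(r"[\W_]+", source):
            word = normalise(word)
            if len(word) >= 4:
                tokens.add(word)
    return tokens


def sha1_hex(password):
    """Lookup key for the breach corpus only; never a storage format."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def screen_password(password, breached_sha1, email="", display_name="",
                    service="", org_terms=()):
    """Return the reasons to reject `password`; an empty list means accepted."""
    norm = normalise(password)
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too-short")
    # A string built from one repeated unit always occurs inside its own doubling.
    if norm and norm in (norm + norm)[1:-1]:
        reasons.append("repeated-unit")
    for base in sorted(COMMON_BASES, key=len, reverse=True):
        if base in norm and len(norm) - len(base) <= MAX_PADDING:
            reasons.append("common-base:" + base)
            break
    tokens = context_tokens(email, display_name, service, *org_terms)
    reasons += ["context:" + t for t in sorted(tokens) if t in norm]
    if sha1_hex(password) in breached_sha1:
        reasons.append("breached")
    return reasons


# Constructed stand-in for a breached-password corpus (digests of leaked values).
BREACHED = {sha1_hex(p) for p in ("FrankLampard", "porsche911")}

if __name__ == "__main__":
    account = dict(email="a.nagy@gov.example", display_name="Anna Nagy")  # constructed
    for candidate, extra in [("linkedinlinkedin", {"service": "LinkedIn"}),
                             ("embassy13hungary", {"org_terms": ("embassy", "hungary")}),
                             ("123456aA", {}), ("FrankLampard", {}),
                             ("violet-kettle-orbit-manual", {})]:
        print(candidate, screen_password(candidate, BREACHED, **account, **extra))
```

    A check like this complements MFA and ongoing monitoring for exposed credentials rather than replacing them, since it only sees a password at the moment it is chosen.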


    Bellingcat’s Ross Higgins and investigative journalist Eva Vajda contributed to this article.


    The post ‘Snoopy’, ‘Adolf’ and ‘Password’: The Hungarian Government Passwords Exposed Online appeared first on bellingcat.

  • Lebanon: Health system overwhelmed following a ‘horrific’ day of Israeli strikes

    The scale and speed of destruction from the wave of airstrikes in Lebanon, which began just hours after the US-Iran ceasefire announcement, has left the country’s already strained health system struggling to cope, according to the World Health Organization (WHO).

  • After Abandoning Canadian Tax Bill, ‘Wolf of Montreal’ Got New Identity, Latvian Residency, Dubai Condo

    A controversial Canadian penny stock trader — dubbed the “Wolf of Montreal” for his allegedly fraudulent dealings — acquired a new identity, obtained residency in Latvia, and purchased luxury property in Dubai, documents show.

    John Babikian, a former Montreal resident, vanished from the public eye after a 2014 deal with the U.S. Securities and Exchange Commission (SEC). He agreed to pay $3.7 million into a victim compensation fund to settle allegations of fraud without admitting or denying responsibility. 

    The SEC’s case centered on Babikian’s “scalping” method of cashing in on low-value stocks that he promoted online. The operation earned him a nickname in the media similar to Jordan Belfort, whose late 1980s exploits were documented on film in the “Wolf of Wall Street.”

    By the time of the SEC settlement, Babikian had already amassed a fortune and left Canada, leaving behind claims by authorities there that he owed about $14 million in unpaid taxes.

    While the SEC said in 2014 that Babikian’s whereabouts were unknown, OCCRP traced his path through Lebanon, Latvia and the United Arab Emirates (UAE). Reporters also obtained copies of his Canadian passports, including one issued in 2019 indicating he legally changed his name to James Miller.

    Babikian did not reply to emails sent to two of his addresses, one found in Canadian court documents and the other in Dubai property records. Joseph Groia, a Toronto lawyer who previously represented him, said his firm had “not acted for or had any contact with Mr Babikian for many years.”

    Babikian’s new name surfaced in court files for a case involving former Austrian intelligence officer Martin Weiss, who is reportedly under investigation for alleged espionage. The prosecution office in Vienna told OCCRP that they could not comment on “investigative procedures” around the Weiss case.

    Weiss was questioned by Austrian prosecutors about an individual identified in court records as Aleksandr V., who was facing charges in Germany related to the Wirecard AG case.  

    Wirecard, a payments processing giant, collapsed in 2020 after executives allegedly committed fraud to boost its share price on the Frankfurt Stock Exchange. Weiss testified that Aleksandr V. told him Babikian was a “good business partner” of his. Babikian was not charged in the case. In response to OCCRP, Munich prosecutors said the case is ongoing against Aleksandr V., who declined to comment.

    Among the files in the Weiss case were copies of Canadian passports in the names of both Babikian and Miller. During questioning, Weiss said he received copies of Babikian’s passports in order to help with his application for Hungarian citizenship. It’s unclear if that application was successful. The files also include a copy of a Latvian residence permit issued to Babikian under his new name, Miller.

    Weiss did not respond to requests for comment, including questions about his relationship with Babikian. 

    Meanwhile, leaked real estate records from OCCRP’s Dubai Unlocked investigation show that Babikian, under his Miller alias, purchased an apartment in Palm Jumeirah, a tree-shaped artificial archipelago off the UAE coast. 

    The apartment is in One at Palm, a waterfront complex advertising that its “ultra-exclusive homes are built for the singular pursuit of bliss.” Under his Miller name, Babikian paid $4.6 million for the property in 2022, according to information from a UAE real estate database.

    ‘Scalping’ Stocks

    The Dubai property may not have made much of a dent in Babikian’s budget. He had already become a millionaire many times over, according to court documents from his Canadian tax evasion case. Canadian tax authorities declined to clarify whether the case is still open or not.

    Babikian dramatically under-declared his income to the Canada Revenue Agency, according to allegations in an affidavit filed by an investigator. Between 2008 and 2012, he allegedly failed to report more than CAN $44 million (about $44.2 million at the end of 2012), the tax investigator said. 

    During that five-year period, Babikian reported an income of only CAN $974,633 ($977,938). He didn’t declare any income at all in 2011, when he made almost CAN $8.4 million ($8.2 million), according to the tax investigator’s findings. He also allegedly failed to declare income in 2012, when he made close to CAN $20 million ($20.1 million). 

    Babikian’s 2012 earnings were allegedly bolstered by his penny stock “scalping” operation, which brought in $1.9 million in just 90 minutes, the SEC said.

    Babikian’s scheme was likened to a modern-day take on the “boiler rooms” run by Belfort in the ‘80s, which were packed with people flogging cheap stocks over the phone. But in typical 21st century fashion, Babikian did his business online. 

    The SEC alleged Babikian was behind emails sent to 700,000 people between about 2:30 and 4:00 on the afternoon of February 23, 2012. During that period, the share price for a coal company called America West Resources Inc. jumped from 29 cents to a high of $1.80.

    The emails allegedly linked to Babikian pumped up the cheap stock without disclosing that he owned more than 1.4 million shares in America West, the SEC said. The emails “immediately triggered massive increases” in the share price, and Babikian dumped his stock.

    Babikian eventually reached an agreement with the SEC, which ordered him to pay $3.7 million to a fund to compensate victims of the scalping scheme, without admitting or denying responsibility. The judgement barred Babikian from trading penny stocks.

    Back in Canada, Babikian allegedly owed tax authorities more than CAN$15 million in 2014 (about $14 million at the time), plus “interest compounded daily on said amount,” according to court records acquired by OCCRP.

    The Canada Revenue Agency declined to clarify whether the debt remains active, which would include interest accrued since 2014. A spokesperson said the agency “does not comment on investigations that it may or may not be undertaking.”

    Tax authorities in Quebec told OCCRP that they managed to seize and liquidate some of Babikian’s assets, recovering a portion of the money he owed in provincial taxes, which amounted to CAN$4.6 million ($4.2 million at the time) starting in April 2013. 

    Tax authorities also confiscated “two bull sculptures in bronze and silver worth several hundred thousands dollars,” along with 500 bottles of wine also valued at “several hundred thousand dollars,” according to a document from a civil suit filed by the Quebec Revenue Agency.  However, they failed to recover Babikian’s Bugatti Veyron, a luxury vehicle that typically sells for more than $1 million.

    Fake News

    While Babikian settled with the SEC in 2014, his legal troubles in the U.S. continued, court documents show.

    In September 2023, an Oregon jury reportedly ordered Babikian to pay a businessman in the small city of The Dalles $23.4 million over a vineyard deal that went sour, according to the plaintiff’s lawyer, Chad Colton.

    A legal declaration from the case, obtained by OCCRP, shows Babikian asking in August 2023 for permission to testify remotely by videolink, because he was living in Lebanon and too ill to travel. A December 2023 judgement shows that the plaintiff was awarded total ownership of the vineyard.  

    The Columbia Gorge News reported that Babikian forfeited his 50 percent share in the property rather than pay the fine. Colton did not respond to requests for comment, while Babikian’s lawyer in the case said he was not authorized to speak to reporters about it. 

    Aside from shedding light on Babikian’s more recent legal issues, and revealing that he was in Lebanon in mid-2023, the case highlights an apparent attempt to clean up his public image.

    Almost a decade after reporting on the vineyard case, OregonLive.com received an email with the subject heading, “Urgent legal request.” The email purported to be from Babikian’s representative, and requested the website remove a 2014 article about the land dispute, which also referenced the SEC allegations. The writer of the email said the article contained “inadequate allegations” against Babikian — despite his well-publicized deal with the SEC.

    That email was not an isolated request. It appears to be a part of a broader pattern of digital identity manipulation. Several articles have appeared online, spreading the false claim that Babikian was acquitted in the SEC case.

    Meanwhile, Babikian’s true identity has been shrouded by suspicious profiles on social media sites like Tumblr, Instagram and Soundcloud, as well as articles on dubious websites.

    When reporters searched his name on Google, the first page showed either one or no posts about the real Babikian, despite widespread media coverage of his various legal cases. Instead, numerous posts and articles appear for another John Babikian, also purportedly born in Montreal, but supposedly of Rwandan heritage. 

    The photo of this Babikian was likely manipulated, and possibly generated, using artificial intelligence, according to three different tests.

    That headshot has been used in an X account, which an investigation by Forbidden Stories linked to an apparent disinformation campaign propagated in favor of the Rwandan government.

    An online profile claims that this Rwandan Babikian is “a seasoned lawyer with an illustrious educational background,” who graduated from Harvard. Reporters could find no evidence that a Rwandan lawyer named John Babikian who graduated from Harvard actually exists. 

    The profile includes a quote from Babikian’s supposed “mentor,” Alan Dershowitz, the high-profile lawyer and former Harvard law professor: “John Babikian’s dedication to justice and his unwavering commitment to serving the less fortunate set him apart from his peers.”

    Dershowitz told OCCRP the quote was fake.

    “I know nothing of him,” he said in a brief email.

    Sanita Jemberg of Re:Baltica contributed reporting.