Play Ransomware Claims MyPillow Scalp — Lindell Says It's a Political Stitch-Up

Play, a Russian-language ransomware outfit that has hit over 900 organisations since 2022, posted a claim on its dark web leak site this week alleging it had lifted a substantial haul from MyPillow. The purported stolen goods include payroll records, financial documents, client data, tax information, and personal IDs. The group reportedly gave MyPillow until Friday to make contact before releasing everything publicly.

MyPillow is, of course, the Minnesota bedding company fronted by Mike Lindell, who is currently one of at least ten Republicans chasing the gubernatorial nomination ahead of August's primary. Lindell dismissed the claims outright, telling Straight Arrow News — which first reported the story — that his company has not been breached and that the whole thing is a politically motivated attack.

"This is another hit job by outside sources because I'm running for governor," Lindell said. "I guarantee it. We do not have any breaches in our data at all."

Lindell has had a rough run in court lately. A federal jury in Colorado last year found he defamed Eric Coomer, a former director at Dominion Voting Systems, ordering Lindell and his media platform FrankSpeech to pay $2.3 million in damages. A separate federal judge in Minnesota also ruled in September that Lindell defamed voting technology firm Smartmatic across 51 false statements, with damages still to be determined.

Whether Play's claims are genuine or opportunistic noise remains unverified. Ransomware groups posting to leak sites are not exactly a reliable source, but they also tend not to pick high-profile targets without something to show for it.

Ransomware Goes Door-to-Door

While Play makes headlines, another group has taken things in a distinctly more unusual direction. The FBI issued an alert this week warning that the Silent Ransom Group, which targets law firms, has started sending actual people to victims' offices to physically plug in USB drives and exfiltrate data on the spot.

The tactic is almost unheard of. Most ransomware operations are content to work remotely, but SRG apparently decided that physically walking into a building and sticking a thumb drive into a computer was a reasonable escalation. The FBI believes the group may be hiring freelancers for the job — people who may not even know the full picture of who they're working for.

School Buses as Rolling Surveillance Platforms

AI surveillance firm BusPatrol has announced it will repurpose the cameras it has installed across tens of thousands of US school buses into automatic licence plate readers. Every vehicle the bus passes will have its location logged, and that data will be made available to law enforcement without a warrant. The technology was originally sold as a safety tool to catch drivers who illegally pass stopped buses. It has quietly become something considerably broader.

Ditching ShotSpotter Made Chicago Cops Faster

A University of Chicago study found that Chicago Police Department response times to urgent 911 calls improved by four minutes after the city switched off ShotSpotter gunshot detection technology in twelve neighbourhoods last September. The research, conducted by sociologist Rob Vargas using city data and public records, suggests the system was generating enough false positives to meaningfully delay officers attending other emergencies. "ShotSpotter wasted officers' time by sending them on wild-goose chases," Vargas told WTTW News. Four minutes is not nothing when someone is having a medical emergency.