Cybercrime Group Claims It Hacked MyPillow CEO Mike Lindell

The Russian-language ransomware group known as Play, which has been active since 2022 and has already compromised more than 900 organizations, posted on its dark-web leak site this Monday. The group claims it has stolen a trove of sensitive data from MyPillow, the Minnesota-based home goods company run by Mike Lindell. According to the post, the stolen information includes “private and personal confidential data, clients’ documents, budget, payroll, IDs, taxes,” and other financial records. Lindell is one of at least 10 Republicans vying for the party’s gubernatorial nomination in Minnesota’s August primary. He is also a prominent figure in promoting Donald Trump’s baseless claims of victory in the 2020 election.

Play reportedly gave MyPillow until Friday to make contact before releasing the stolen data online. Lindell, speaking to Straight Arrow News,which first reported the ransomware claims on Tuesday,denied the breach entirely. He characterized the allegations as a politically motivated attack. “This is another hit job by outside sources because I’m running for governor,” Lindell said. “I guarantee it. We do not have any breaches in our data at all.”

This latest controversy comes on the heels of two recent defamation rulings against Lindell over his 2020 election claims. In Colorado, a federal jury last year found he had defamed Eric Coomer, a former Dominion Voting Systems director, and ordered Lindell and his media platform, FrankSpeech, to pay $2.3 million in damages. Separately, a federal judge in Minnesota ruled in September that Lindell had defamed Smartmatic through 51 false statements about its voting machines. Damages in that case are still to be determined at trial.

Ransomware groups have become increasingly aggressive and ruthless in their pursuit of payments. Most now focus on stealing data and extorting companies rather than locking computer systems with malware. In rare cases, these groups have directly threatened executives or contacted individuals named in stolen data to pressure payment. This week, the FBI warned that one group is taking it even further: sending people in person to steal data from companies.

The Silent Ransom Group (SRG), which is currently targeting law firms, has deployed individuals to company offices to gain direct access to computers. “By sending someone in person to the victim’s location to facilitate the intrusion, SRG actors exfiltrate data to an external hard drive or USB drive inserted by the threat actor into the victim’s computer,” the FBI said in an alert. Security researchers say this tactic is unprecedented. The FBI did not disclose who the Russian-speaking group is sending, but researchers suspect they are hiring freelancers who may not be fully aware of their employers’ identity.

In other security news, the AI surveillance company BusPatrol, which has installed cameras on tens of thousands of US school buses, announced it will now repurpose those cameras as automatic license plate readers. This means every vehicle a BusPatrol bus passes will have its location recorded, and the data will be made available to law enforcement without a warrant. The initiative effectively turns the iconic yellow buses into what 404 Media aptly described as “roaming surveillance vehicles.” The technology was originally designed to ticket vehicles that illegally pass stopped buses,a critical safety measure for children.

A study by University of Chicago sociology professor Rob Vargas found that the Chicago Police Department responded four minutes faster to the most urgent non-gunshot 911 calls in the six-month period after Mayor Brandon Johnson shut down the ShotSpotter gunshot detection system in 12 neighborhoods in September 2024. Vargas compared this period with the preceding six months when ShotSpotter was active. While the data could not assess response times for gunshot-related calls specifically, it suggested that ShotSpotter alerts may have been occupying officers with false positives, delaying them from responding to other critical incidents. “It is clear that ShotSpotter wasted officers’ time by sending them on wild-goose chases,” Vargas told WTTW News.