Coverage Guide
Cyber Crime Reporting
We cover digital harm through the lens of victims, records, systems failure, fraud, disclosure, and public accountability rather than tactical or technical how-to detail.
We are a journalism platform, not a law-enforcement or emergency-response channel. If there is an immediate danger or emergency, contact local emergency services.
Why this beat matters
Cyber crime is public-interest reporting because the harm is often concrete long before the technical story is fully understood. A ransomware incident can delay care, a breach can expose families, a scam can wipe out savings, and a platform-abuse failure can make ordinary people more vulnerable. The most important questions are not only what system was compromised, but who was affected, what was disclosed, what was hidden, who had responsibility, and whether institutions acted with enough urgency and honesty.
We cover this beat from the standpoint of victims, records, systems failure, and accountability. That means we focus less on technical mystique and more on public consequences: schools locked out of services, local governments that failed to patch known weaknesses, companies that disclosed too little, consumers left to clean up after fraud, and regulatory bodies that moved too slowly.
Patterns we watch
We pay attention to delayed disclosure, vague language designed to minimize harm, repeat vendor failures, breach notices that raise more questions than they answer, platform abuse that becomes normalized, and official narratives that exaggerate certainty about attribution before the record supports it. We also watch the financialization of cyber harm: extortion, fraud, customer deception, insurance disputes, and the transfer of costs onto victims.
What we examine
- Data breaches, ransomware events, identity theft, digital extortion, platform abuse, and cyber-enabled fraud
- Public-sector cybersecurity failures affecting schools, hospitals, local government, utilities, or civic systems
- Disclosure practices, customer notifications, regulatory actions, litigation, audits, and post-incident accountability
- Scams, impersonation schemes, financial exploitation, and patterns of consumer harm that appear in public records
- How companies, vendors, and institutions communicate risk before, during, and after incidents
How we report responsibly
We do not publish exploit instructions, credential-theft methods, malware details that predictably enable misuse, evasion guidance, or operational steps for attackers. When technical context matters, we use it to clarify consequences, timelines, governance failures, and what readers can verify in the public record. Allegations of intrusion, attribution, intent, or compromise stay labeled as allegations unless supported by credible records or corroborated reporting.
How readers can help verify the record
Helpful submissions may include public breach notices, official communications, consumer warnings, screenshots, vendor contracts, meeting records, timelines, court filings, audit references, or first-hand accounts that help establish impact and chronology. We do not want stolen credentials, malware, illegal access tools, or private personal information unrelated to a legitimate public-interest issue.
What we will not publish
We will not turn this beat into a guide for offensive tactics. The point of the coverage is to explain harm, accountability, and institutional response, not to provide a blueprint for abuse or notoriety.
Why accountability often starts with plain language
Cyber stories are frequently hidden behind jargon. That can benefit the institutions that failed. If a disclosure is vague, if an incident timeline is hard to follow, or if a vendor uses technical language to avoid describing plain public harm, we try to translate the record into terms ordinary readers can evaluate. Who lost access? Who paid? What data was exposed? What warnings were missed? Who is being asked to trust a company or agency that has not yet been fully candid?
Plain language is not a simplification of the public-interest issue. It is part of the accountability work. If readers cannot understand what happened, they cannot judge whether the response was credible.
What this page is not
This page is not a hacking forum, not an emergency help desk, and not a private security service. If your device, workplace, or account is in immediate danger, contact the relevant service provider, security team, or emergency services where appropriate.
Related editorial paths
Use Submit a Tip for editorial review. For the broader framework behind this beat, see Editorial Standards, Legal and Advertising, and What We Investigate.