Hello. Anton Koh belonged to a pipeline of elite North Korean cyber operatives, identified, trained and dispatched overseas by the Kim Jong Un regime.

Koh, who defected to South Korea in recent years, provides a rare window into a scheme that has targeted more than 40 countries and, in 2024, raised up to $800 million.

North Korean authorities placed Koh on a track for software development after he aced the exams to get into an elite middle school that fed to a top university. He went overseas shortly after graduating college. Upon arriving in China, he worked up to 16 hours a day. Read the full WSJ story.

Also today: 

• What the Homeland Security shutdown means for the top U.S. cyber agency
• Eurail says hackers are selling its traveler data
• Dior parent LVMH fined $25 million over security failings
• CISO moves

Correction: An item in the Feb. 11 edition of the newsletter incorrectly said that Peter Gregg was ousted as CEO of Nova Scotia Power after the utility's cyberattack. Gregg moved to a new role as executive vice president of strategy and policy at parent company Emera. 

• Before the midnight Friday shutdown, CISA gave federal agencies three days to fix a serious flaw in certain BeyondTrust identity security services that could let hackers onto networks with no authentication. (Bleeping Computer)
• CISA also published a schedule of virtual public meetings to collect feedback on cyber reporting rules for critical infrastructure operators that must be finalized this year, under the CIRCIA Act.
• First up are the chemical, water and energy sectors on March 9.

Eurail confirmed that its customer data is for sale on the dark web after a breach disclosed in January. Information was exposed including names, passport numbers and other details from Eurail's customer database, the company said. Hackers last week published a subset of the data on Telegram. 

Conduent breach investigation: Texas Attorney General Ken Paxton opened an investigation into a 2024 cyberattack at tech services provider Conduent that compromised the personal and medical data of about 25 million people. That includes 15.5 million Texas residents, through the state's Medicaid system and Blue Cross Blue Shield of Texas.

• Dennis Leber joined Erlanger Health System in Chattanooga, Tenn., as CISO. Leber has more than a decade of experience as a healthcare CISO, including stints at UCONN Health and the University of Tennessee. 

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.