Insider Threat
Ex-data analyst stole company data in $2.5M extortion scheme
A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. While a Justice Department press release published on Thursday doesn’t name the victim, court documents reveal that he targeted Brightly Software, a Software-as-a-Service (SaaS) company previously known as SchoolDude, which Siemens acquired in August 2022. Brightly […]
Coinbase confirms insider breach linked to leaked support tool screenshots
Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which GeekFeed has learned is a new incident that occurred in December. “Last year our security team detected that a single Coinbase contractor improperly accessed customer information, impacting a very small number of users (approximately 30),” a Coinbase spokesperson […]
Microsoft Teams to warn of suspicious traffic with external domains
Microsoft is working on a new Teams security feature that will analyze suspicious traffic with external domains to help IT administrators tackle potential security threats. As explained in a Microsoft 365 roadmap update this week, the “External Domains Anomalies Report” will help admins protect their organizations without disrupting legitimate business communications. The new tool will do […]
CrowdStrike catches insider feeding information to hackers
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. However, the company noted that its systems were not breached as a result of this incident and that customers’ data was not compromised. “We identified […]
Ransomware gang sought BBC reporter’s help in hacking media giant
Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. Cybersecurity correspondent Joe Tidy revealed in a story on the BBC that the hackers wanted to use his laptop to breach the British public-service broadcaster’s network and then ask for a ransom. […]
FinWise insider breach impacts 689K American First Finance customers
FinWise Bank is warning on behalf of corporate customers that it suffered a data breach after a former employee accessed sensitive files after the end of their employment. “On May 31, 2024, FinWise experienced a data security incident involving a former employee who accessed FinWise data after the end of their employment,” reads a data […]
Dev gets 4 years for creating kill switch on ex-employer’s systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that locked out employees when his account was disabled. Davis Lu, 55, a Chinese national living legally in Houston, worked for an Ohio-based company, reportedly Eaton Corporation, from 2007 until his […]
Colt confirms customer data stolen as Warlock ransomware auctions files
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. The British telecommunications and network services provider previously disclosed it suffered an attack on August 12, but this is the first time they confirmed data had been stolen. “A criminal group has accessed certain files from our […]
Coinbase says recent data breach impacts 69,461 customers
Coinbase, a cryptocurrency exchange with over 100 million customers, revealed that a recent data breach in which cybercriminals stole customer and corporate data affected 69,461 individuals. In data breach notifications filed with the Office of Maine’s Attorney General, Coinbase said, “a small number of individuals, performing services for Coinbase at our overseas retail support locations, improperly accessed customer […]