Cybersecurity agency CrowdStrike has fired an insider caught promoting screenshots of their laptop to cybercriminals.
The screenshots, which have been posted by the financially motivated hacking group Scattered Lapsus$ Hunters on its Telegram channel, embody photographs of the corporate’s dashboards, together with a hyperlink to an Okta Single Signal-On (SSO) panel.
The hackers initially claimed that the screenshots have been proof that that they had gained entry to CrowdStrike’s techniques by way of the exploitation of Gainsight, a third-party vendor sometimes used for buyer administration.
Final week, the menace actors stated they compromised quite a few Salesforce prospects by way of their Gainsight integrations, and Salesforce disconnected Gainsight-published functions from its platform.
In an announcement to SecurityWeek, CrowdStrike denied being compromised and confirmed that an ‘insider’ was chargeable for the leak.
“We recognized and terminated a suspicious insider final month following an inside investigation that decided he shared photos of his laptop display externally,” an organization spokesperson stated.
“Our techniques have been by no means compromised and prospects remained protected all through. Now we have turned the case over to related legislation enforcement companies,” the consultant added.
It’s unclear whether or not the insider is an worker, contractor, guide, or enterprise companion with approved entry to the corporate’s inside techniques.Commercial. Scroll to proceed studying.
Scattered Lapsus$ Hunters reportedly claimed paying $25,000 to the CrowdStrike insider for the leaked knowledge, for entry to the corporate’s techniques, and for authentication cookies.
The menace actor just lately claimed to have remodeled 1,000 victims in a number of knowledge theft campaigns focusing on Salesforce prospects, together with high-profile manufacturers and cybersecurity corporations.
Associated: Mazda Says No Information Leakage or Operational Affect From Oracle Hack
Associated: Spanish Airline Iberia Notifies Clients of Information Breach
Associated: 146,000 Impacted by Delta Dental of Virginia Information Breach
Associated: Cox Confirms Oracle EBS Hack as Cybercriminals Title 100 Alleged Victims
