CrowdStrike Insider Helped Hackers Falsely Claim System Breach

Posted on By CWS

Cybersecurity agency CrowdStrike has fired an insider caught promoting screenshots of their laptop to cybercriminals.

The screenshots, which have been posted by the financially motivated hacking group Scattered Lapsus$ Hunters on its Telegram channel, embody photographs of the corporate’s dashboards, together with a hyperlink to an Okta Single Signal-On (SSO) panel.

The hackers initially claimed that the screenshots have been proof that that they had gained entry to CrowdStrike’s techniques by way of the exploitation of Gainsight, a third-party vendor sometimes used for buyer administration.

Final week, the menace actors stated they compromised quite a few Salesforce prospects by way of their Gainsight integrations, and Salesforce disconnected Gainsight-published functions from its platform.

In an announcement to SecurityWeek, CrowdStrike denied being compromised and confirmed that an ‘insider’ was chargeable for the leak.

“We recognized and terminated a suspicious insider final month following an inside investigation that decided he shared photos of his laptop display externally,” an organization spokesperson stated.

“Our techniques have been by no means compromised and prospects remained protected all through. Now we have turned the case over to related legislation enforcement companies,” the consultant added.

It’s unclear whether or not the insider is an worker, contractor, guide, or enterprise companion with approved entry to the corporate’s inside techniques.Commercial. Scroll to proceed studying.

Scattered Lapsus$ Hunters reportedly claimed paying $25,000 to the CrowdStrike insider for the leaked knowledge, for entry to the corporate’s techniques, and for authentication cookies.

The menace actor just lately claimed to have remodeled 1,000 victims in a number of knowledge theft campaigns focusing on Salesforce prospects, together with high-profile manufacturers and cybersecurity corporations.

Associated: Mazda Says No Information Leakage or Operational Affect From Oracle Hack

Associated: Spanish Airline Iberia Notifies Clients of Information Breach

Associated: 146,000 Impacted by Delta Dental of Virginia Information Breach

Associated: Cox Confirms Oracle EBS Hack as Cybercriminals Title 100 Alleged Victims

Security Week News Tags:, , , , , , ,

Related Posts

Hackers Target Perplexity Comet Browser Users Security Week News
How TTP-based Defenses Outperform Traditional IoC Hunting Security Week News
In Other News: McDonald’s Hack, 1,200 Arrested in Africa, DaVita Breach Grows to 2.7M Security Week News
Dropzone AI Raises $37 Million for Autonomous SOC Analyst Security Week News
Zero Networks Raises $55 Million for Microsegmentation Solution Security Week News
Cybersecurity M&A Roundup: 44 Deals Announced in July 2025 Security Week News