The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program’s data on the dark web.

The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for sale on a cybercrime forum called Breached. When Krebs called the seller, also known as USDoD, they said they had stolen the information by pretending to be the CEO of a large but unnamed U.S. financial institution that evaluated Americans’ credit ratings. The hacker’s application was approved within a few weeks, presumably without any FBI scrutiny. USDoD claims that after being given access to the company’s internal environment, they utilized a straightforward Python script directed at one of the website’s APIs to access and steal the personal data of other participating members.

According to Krebs, many of the accounts in the database are missing critical personal data, including birthdays, social security numbers, and emails. This database, which provides access to the contact details of more than 80,000 InfraGard members, is currently on sale on the Breached cybercrime site for $50,000.

Although USDoD acknowledges that the database’s $50,000 price tag is excessive, it is necessary in order for a price negotiation to take place if a buyer expresses an interest. Despite the limited information, nothing stops hackers from contacting these well-known individuals while the InfraGard account is still active.

The FBI’s lack of security checks is the most concerning part of this data breach. The individual whose identity was used to open this account has stated that the FBI did not get in touch with them before the account was authorized. Additionally, the FBI informed Krebs that it was aware of a possible false account connected to InfraGard and that “this is an ongoing issue, and we are unable to give any other information at this time.”

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
5 New Trends from a Study on the State of AI at Work
5 New Trends of AI At Work
The pace of technological advancement is accelerating. This is not news to anyone wading through the ChatGPT craze. Artificial intelligence (AI) is at the forefront...
Read more
pitfalls of cyber attack
Avoid These Data Breach Damage Control Pitfalls
Data breaches are an unfortunate reality for businesses of all sizes. When a breach occurs, the immediate response is critical. How a company manages the...
Read more
email security tips
Enhance Your Email Security in 6 Simple Steps
6 Simple Steps to Enhance Your Small Business Email Security Email is one of the most commonly used tools in business today—but it’s also a prime...
Read more

Used with permission from Article Aggregator