CrowdStrike fires an employee for leaking information to hackers
What's the story
Cybersecurity giant CrowdStrike has confirmed the termination of an employee for allegedly leaking information to a notorious hacking group. The decision came after a hacking collective, Scattered Lapsus$ Hunters, shared screenshots on their public Telegram channel. The pictures purportedly showed insider access to CrowdStrike systems and included links to various company resources like an employee's Okta dashboard for internal apps.
Allegations
Hackers claim breach via Gainsight
The hackers claimed they breached CrowdStrike by exploiting a recent security incident at Gainsight, a customer relationship management firm. They alleged that information stolen from Gainsight was used to infiltrate CrowdStrike's systems. However, CrowdStrike has dismissed these claims as "false," insisting that their systems were never compromised and customers remained protected throughout the incident.
Action taken
CrowdStrike hands case to law enforcement
CrowdStrike terminated the insider's access after discovering he had shared images of his computer screen externally. "Our systems were never compromised and customers remained protected throughout. We have turned the case over to relevant law enforcement agencies," Kevin Benacci, a spokesperson for CrowdStrike told TechCrunch.
Previous incidents
Scattered Lapsus$ Hunters's history of high-profile hacks
Scattered Lapsus$ Hunters is a group of hackers that includes several hacking groups such as ShinyHunters, Scattered Spider, and the Lapsus$. They use social engineering techniques to trick employees into giving them access to their systems or databases. In October, the group claimed to have stolen over a billion records from corporate giants using Salesforce for customer data hosting.