U.S. federal technology consulting firm Acuity was claimed to be compromised by IntelBroker, who noted obtaining data from the U.S. Immigration and Customs Enforcement and U.S. Citizenship and Immigration Services as a result of the breach that is being sold for $3,000 worth of cryptocurrency, Hackread reports.
IntelBroker confirmed that it facilitated the hacking of Acuity's systems through attacks exploiting a critical GitHub zero-day, which then enabled the exfiltration of data from more than 100,000 U.S. citizens, including full names, birthdates, physical and email addresses, phone numbers, and passports. Further examination by Hackread revealed that the intrusion against Acuity also resulted in the compromise of source code, confidential messages, .gov-hosted emails with plain-text passwords, and other sensitive documents about the Five Eyes alliance's investigative methods and the ongoing Russia-Ukraine war. Such a development comes after IntelBroker took credit for breaching the Los Angeles International Airport, General Electric, and Robert Half.
