Critical Infrastructure Security, Breach, Threat Management, Privacy

FBI’s InfraGard database compromised

Share

The FBI's InfraGard program for protecting U.S. critical infrastructure in partnership with the private sector had its more than 80,000-member database compromised, according to The Associated Press. The hacker who went by the alias USDoD on the BreachForums site claimed to obtain the entire database of InfraGard, which counts business leaders, government officials, and IT professionals as its members, by masquerading as a finance CEO, said the attacker to independent cybersecurity journalist Brian Krebs. USDoD said that they were able to secure InfraGard membership by using a contact email address and the impersonated CEO's real mobile number, while a simple software script was leveraged to access the database information. Tens of thousands of InfraGard users' names, affiliations, and contact details were included in the database, but only slightly more than half of the members had their emails exposed. Social Security numbers and birthdates were also not included in the stolen data, noted USDoD, which has been selling the entire database for $50,000.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.