Cybersecurity leader CrowdStrike recently made headlines after confirming the termination of a suspicious insider who allegedly leaked company information to a notorious hacking group. The insider’s actions were brought to light when a hacking collective called Scattered Lapsus$ Hunters published screenshots on a public Telegram channel, revealing insider access to CrowdStrike systems. These screenshots displayed dashboards with links to valuable company resources, including a user’s Okta dashboard used for internal app access.
The hackers claimed that they infiltrated CrowdStrike through a breach at Gainsight, a customer relationship management company that assists Salesforce customers in managing their data. However, CrowdStrike swiftly refuted these claims, stating that their systems were never compromised and that the insider’s access was terminated upon discovering that he had shared images of his computer screen externally. CrowdStrike’s spokesperson, Kevin Benacci, emphasized that customer protection was never compromised and that the matter has been handed over to law enforcement agencies for further investigation.
Aside from CrowdStrike, several other tech companies were reportedly targeted in the same hacking campaign. Gainsight, the initial point of entry according to the hackers, did not respond to requests for comment. The hackers behind Scattered Lapsus$ Hunters employ social engineering tactics to deceive employees into granting them access to sensitive systems and databases.
This incident comes on the heels of a previous claim by Scattered Lapsus$ Hunters in October, in which they boasted about stealing over 1 billion records from major corporations that use Salesforce for customer data storage. The hackers created a data leak site listing compromised companies, including Allianz Life, Qantas, Stellantis, TransUnion, Workday, and others.
As cybersecurity threats continue to evolve, companies like CrowdStrike remain vigilant in safeguarding their systems and customer data. The incident serves as a stark reminder of the importance of maintaining robust cybersecurity measures in an increasingly digital world.

