Ethical Hacking News
CrowdStrike Discovers Insider Compromised by Hackers, Customers' Data Remains Safe: In a recent incident that highlights the ongoing threat of insider attacks, CrowdStrike has confirmed that an employee shared sensitive information with hackers. Despite this compromise, customers' data remained safe.
A CrowdStrike employee shared sensitive information with hackers, compromising internal systems. The incident did not result in a breach of customers' data or systems. The suspicious insider was identified and terminated following an internal investigation. The cybercrime collective Scattered Lapsus$ Hunters used the compromised screenshots as leverage for breaching Jaguar Land Rover. Organizations must implement robust cybersecurity measures to safeguard against both external threats and insider attacks.
In a recent incident that highlights the ongoing threat of insider attacks, CrowdStrike, a leading cybersecurity firm, has confirmed that an employee shared sensitive information with hackers. This compromise, however, did not result in any breach of customers' data or systems.
According to sources within the company, the suspicious insider was identified and terminated following an internal investigation that uncovered evidence of external sharing. The incident occurred last month, when the employee accidentally shared screenshots taken on CrowdStrike's internal systems with unnamed threat actors. This exposure, although concerning, did not lead to any compromise of customers' data or systems.
The news of this incident serves as a reminder of the ongoing threats posed by insider attacks and highlights the importance of robust cybersecurity measures in protecting sensitive information. In response to questions regarding the recent screenshots posted on Telegram by members of the threat groups ShinyHunters, Scattered Spider, and Lapsus$, CrowdStrike emphasized that their systems were never compromised and that customers' data remained protected throughout.
The Scattered Lapsus$ Hunters cybercrime collective, which has been linked to a wave of high-profile breaches targeting Salesforce customers, including major brands such as Google, Cisco, Allianz Life, Farmers Insurance, Qantas, Adidas, Workday, and several subsidiaries of luxury companies like Dior and Tiffany & Co., used the compromised screenshots as leverage. They claimed responsibility for breaching Jaguar Land Rover (JLR), resulting in damages of over £196 million ($220 million) in the last quarter.
The ShinyHunters group has previously been involved in data-leak sites to extort dozens of companies impacted by massive wave of Salesforce breaches, and their latest move showcases the adaptability of these cybercrime groups. The collective now collectively refers to themselves as "Scattered Lapsus$ Hunters" and has shifted towards using a new ransomware-as-a-service platform named ShinySp1d3r.
CrowdStrike's confirmation that an insider shared sensitive information with hackers serves as a stark reminder of the risks associated with insider attacks. Despite this, CrowdStrike took swift action to identify and terminate the suspicious insider and ensure that customers' data remained protected.
This incident underscores the importance of implementing robust cybersecurity measures to safeguard against both external threats and insider attacks. It also highlights the need for organizations to conduct thorough internal investigations when they become aware of potential security breaches or suspicious activity within their systems.
In light of this incident, it is essential for companies to adopt a comprehensive approach to cybersecurity that includes regular employee training, thorough background checks for new hires, and ongoing monitoring to detect potential insider threats. Furthermore, the use of robust cybersecurity tools, such as CrowdStrike's, can play a crucial role in protecting sensitive information from both external threats and insider attacks.
In conclusion, this incident highlights the importance of vigilance when it comes to cybersecurity and underscores the need for organizations to implement comprehensive measures to safeguard against potential insider threats. By adopting a proactive approach to security and leveraging robust cybersecurity tools, companies can minimize the risk of data breaches and protect their sensitive information.
Related Information:
https://www.ethicalhackingnews.com/articles/CrowdStrike-Discovers-Insider-Compromised-by-Hackers-Customers-Data-Remains-Safe-ehn.shtml
https://www.bleepingcomputer.com/news/security/crowdstrike-catches-insider-feeding-information-to-hackers/
Published: Fri Nov 21 10:56:51 2025 by llama3.2 3B Q4_K_M
