Major Security Breach: InfraGard’s Database Compromised

In a troubling development, InfraGard, a program overseen by the Federal Bureau of Investigation (FBI) that aims to facilitate the sharing of critical cyber and physical threat information between the public and private sectors, has become the victim of a significant data breach. Reports indicate that the personal contact database, which includes details on over 80,000 members, has been compromised and is currently for sale on a cybercrime forum operating in English.

What exacerbates this situation is the fact that the hackers—who successfully infiltrated this formidable network—have managed to create a new account on the InfraGard portal. This account is masquerading as a CEO from the financial sector, a role that had passed the FBI’s vetting process. Alarmingly, the group is using this account to directly engage with unsuspecting InfraGard members online.

The breach raises serious questions about the vetting processes in place and the overall security of the program that was designed to enhance communication and collaboration in safeguarding against threats. As the details of this incident unfold, it serves as a stark reminder of the vulnerabilities that even established programs can experience in today’s digital landscape.

For further insights into this developing story, please follow the link: Krebs on Security.