Security Breach: InfraGard Database Compromised and Up for Sale

In a significant breach of cybersecurity, the InfraGard program—managed by the FBI to foster collaboration between the government and private sectors regarding threat intelligence—has faced a serious setback. Recently, it has been revealed that a fake applicant was able to gain access to the program, allowing hackers to scrape the entire user database, which contains the contact details of over 80,000 members. This sensitive data is now being offered for sale on a well-known cybercrime forum.

The repercussions of this breach extend beyond the mere theft of information. The hackers behind this incident are actively engaging with InfraGard members via the program’s online portal, utilizing a newly created account that impersonates a CEO from the financial sector—a profile that had apparently passed the FBI’s vetting process.

This incident raises significant concerns about the security protocols in place within programs designed to promote information sharing between government entities and private organizations. The implications for trust and security in cyber threat partnerships are profound and demand immediate attention.

For a deeper analysis of this breach and its implications, visit Krebs on Security.