InfraGard

History

2022: Network hacking

On December 13, 2022, it became known that cybercriminals gained access to the InfraGard system controlled by the Federal Bureau of Investigation (FBI) and stole information about tens of thousands of users. This data is put up for sale on one of the hacker forums.

InfraGard is a closed FBI social network that is designed to connect civil servants, owners of critical infrastructure resources and operators. The service, among other things, helps to exchange information related to cyber threats. The heads of large companies, IT specialists, as well as representatives of the energy, medical, transport and financial industries are connected to InfraGard.

The hacker gained access to the closed FBI social network and stole the personal data of 80 thousand civil servants

The theft of InfraGard data was reported by a cybercriminal hiding under the nickname USDoD. It is known that in November 2022 he applied for connection to a closed social network on behalf of the chief executive officer of a certain company. At the same time, the real email address and phone number of the manager were indicated. In early December 2022, the application was approved, and USDoD was able to join the InfraGard community. Then the attacker began collecting personal data using the software interface (API).

As a result, information was obtained about more than 80 thousand InfraGard users. Data Base contains names and specific contact information. About half of the records also include an email address. At the same time, other fields such as Social Security number and date of birth are not filled in. The cybercriminal sells the base for $50 thousand. Theoretically, stolen information can be used to organize any fraudulent schemes or targeted attacks. The FBI said it was investigating the incident, refusing to provide any further information on the matter.^[1]

Notes