Exxon lobbyist investigated over hack-and-leak of environmentalist emails


The FBI has been investigating a longtime Exxon Mobil consultant over the contractor’s alleged role in a hack-and-leak operation that targeted hundreds of the oil company’s biggest critics, according to three people familiar with the matter.

The operation involved mercenary hackers who successfully breached the email accounts of environmental activists and others, the sources told Reuters. The scheme allegedly began in late 2015, when U.S. authorities contend that the names of the hacking targets were compiled by the DCI Group, a public affairs and lobbying company working for Exxon at the time, one of the sources said. DCI provided the names to an Israeli private detective, who then outsourced the hacking, according to the source.

Read more…
Source: Reuters News


Sign up for our Newsletter


Related:

  • ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI

    November 12, 2024

    In the race to gain a competitive edge, organizations are increasingly training artificial intelligence (AI) models on sensitive data. But what if a seemingly harmless AI model became a gateway for attackers? A malicious actor could upload a poisoned model to a public repository, and without realizing it, your team could deploy it in your environment. ...

  • Amazon Confirms Employee Data Was Exposed Through MOVEit Breach

    November 12, 2024

    In a significant development that underscores the lasting impact of 2023’s MOVEit vulnerability, Amazon has confirmed that employee data was compromised through a third-party property management vendor. The breach, revealed by a threat actor known as “Nam3L3ss,” exposes the continuing ripple effects of one of last year’s most devastating supply chain attacks. The compromise stems from ...

  • New Google Chrome Warning As ‘No 0-Day’ Drive-By Cyber Attack Confirmed

    November 12, 2024

    The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for an 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security ...

  • UK: Cyber attack disables prison vans’ panic alarms

    November 6, 2024

    Tracking devices and panic alarms on prisoner transport vans have been disabled in a cyber attack. Serco, which has a contract for prisoner escort and custody services, was among companies hit by the cyber attack on Microlise. Microlise provides tracking software that enables Secro to keep track of the vans’ location and potential threats, and devices ...

  • Hackers could take over your email account by stealing cookies, even if you have MFA

    November 5, 2024

    Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID. This session ID is stored in a session cookie (or a “Remember-Me cookie” as ...

  • Crooks bank on Microsoft’s search engine to phish customers

    November 4, 2024

    Malwarebytes Labs researchers identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. A Bing search query for ‘Keybank login’ currently returns malicious links on the first page, and sometimes as the top search result. Malwarebytes Labs has reported the fraudulent sites to Microsoft already. While Microsoft’s Bing only has ...