FBI: Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies


The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII).

While the concept of fraudulent emergency data requests was previously used by other threat actors, such as Lapsus$, the increase in postings on criminal forums regarding the process of emergency data requests and sale of compromised credentials has led to an increase of their use. The FBI encourages organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact from submission of fraudulent emergency data requests to attempt to gain unauthorized access to PII.

Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division


Sign up for our Newsletter


Related:

  • U.S. Treasury Department Says Systems Hacked by China-Backed Actor

    December 30, 2024

    The Treasury Department told lawmakers Monday that a state-sponsored actor in China hacked its systems, accessing several user workstations and certain unclassified documents. The treasury was informed on Dec. 8 by a third-party software service provider, BeyondTrust, that a threat actor used a stolen key to remotely access certain workstations and unclassified documents, according to a ...

  • U.S. Army Soldier Arrested in AT&T, Verizon Extortions

    December 30, 2024

    Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. ...

  • Washington County implements cybersecurity policy to combat potential ransomware attacks

    December 27, 2024

    The Washington County commissioners approved a new “business continuity and disaster recovery policy and plan” designed to take a proactive approach in guarding against another cyber attack like the one that crippled the county government for nearly three weeks earlier this year. The policy, which was drafted with the help of outside cyber consultants and the ...

  • Data breach at IDHS compromises 1M customers

    December 26, 2024

    On April 25, the Illinois Department of Human Services (IDHS) experienced a privacy breach. An outside entity, through a phishing campaign, gained access to multiple employee accounts, and files associated with the accounts. The files included the Social Security numbers (SSNs) of 4,701 customers and three employees. Separately, public assistance account information (name, public assistance account ...

  • WhatsApp scores historic victory against NSO Group in long-running spyware hacking case

    December 23, 2024

    A U.S. judge has ruled that Israeli spyware maker NSO Group breached hacking laws by using WhatsApp to infect devices with its Pegasus spyware. In a historic ruling on Friday, a Northern California federal judge held NSO Group liable for targeting the devices of 1,400 WhatsApp users, violating state and federal hacking laws as well as ...

  • ‘NetWalker’ Ransomware Attacker Gets 20 Years in Prison

    December 21, 2024

    Romanian national Daniel Christian Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy. NetWalker ransomware attacks often targeted the healthcare sector during the COVID-19 pandemic. The attacker obtained nearly 1,600 Bitcoin ransomware payments as a result of his attacks, netting him and another affiliate about $21.5 million. Hulea is being ordered to forfeit these ...