Crowdstrike Fires ‘suspicious Insider’ Who Passed Information To Hackers

Cybersecurity elephantine CrowdStrike has confirmed firing a “suspicious insider” past period who allegedly fed accusation astir nan institution to a notorious hacking group.

A hacking corporate known arsenic Scattered Lapsus$ Hunters published screenshots precocious Thursday and Friday greeting successful a nationalist Telegram transmission that allegedly showed insider entree to CrowdStrike systems. The screenshots, which TechCrunch has seen, show dashboards containing links to institution resources, including a user’s Okta dashboard utilized by labor for accessing soul apps.

The hackers claimed successful nan Telegram transmission to person compromised CrowdStrike done a recent breach astatine Gainsight, a customer narration guidance institution that helps Salesforce customers way and negociate their ain customers’ data. The hackers said they utilized accusation stolen from Gainsight to break into CrowdStrike.

But CrowdStrike says nan hackers’ claims are “false,” and says it terminated nan insider’s entree aft nan institution “determined he shared pictures of his machine surface externally.”

“Our systems were ne'er compromised and customers remained protected throughout. We person turned nan lawsuit complete to applicable rule enforcement agencies,” CrowdStrike spokesperson Kevin Benacci told TechCrunch.

Several different tech companies were allegedly hacked arsenic portion of nan aforesaid campaign. Gainsight did not respond to TechCrunch’s requests for comment.

Scattered Lapsus$ Hunters is simply a corporate of hackers made up of respective hacking groups, notably ShinyHunters, Scattered Spider, and Lapsus$. The group’s members usage social engineering techniques to instrumentality labor into granting them entree to their systems aliases databases. 

In October, Scattered Lapsus$ Hunters claimed to person stolen more than 1 cardinal records from firm giants who trust connected Salesforce to big their customer data. The hackers published a information leak tract listing information stolen from companies including security elephantine Allianz Life, the hose Qantas, carmaker Stellantis, in installments bureau TransUnion, and nan worker guidance level Workday and others.