Security Affairs
Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale

The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum. InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within […]

Infragard

The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum.

InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats.

The FBI’s InfraGard US Critical Infrastructure Intelligence portal was hacked and a database containing the contact details of more than 80,000 high-profile private sector individuals is now available for sale on the Breached cybercrime forum.

“InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum.” reported KrebOnSecurity. “Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.”

The seller, who is a forum member that goes online with moniker USDoD, is demanding $50,000 for the full user database containing names and contact information.

Infragard

According to Brian Krebs, USDoD claims to have breached the FBI’s InfraGard system by applying for a new account using the name, Social Security Number, date of birth  and other personal details of a major U.S. financial corporation that was highly likely to be granted InfraGard membership.

The attacker applied for an account in November and by early December the account had been surprisingly approved.

The attacker used a Python script developed by a friend to query the InfraGard API and enumerate all user data.

“InfraGard is a social media intelligence hub for high profile persons,” USDoD told Krebs. “They even got [a] forum to discuss things.”

The hack revealed the poor level of cybersecurity implemented by the FBI, the US agency told Krebs that it is aware of a potential false account associated with InfraGard.

“This is an ongoing situation, and we are not able to provide any additional information at this time,” reads the statement shared by the FBI.

USDoD said that the sale of the database is covered by the escrow service offered by the Breached administrator Pompompurin.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, FBI)

[adrotate banner=”5″]

[adrotate banner=”13″]