Breach, API security, Network Security

Acuity breach admitted by IntelBroker

Cyber insurance

U.S. federal technology consulting firm Acuity was claimed to be compromised by IntelBroker, who noted obtaining data from the U.S. Immigration and Customs Enforcement and U.S. Citizenship and Immigration Services as a result of the breach that is being sold for $3,000 worth of cryptocurrency, Hackread reports.

IntelBroker confirmed that it facilitated the hacking of Acuity's systems through attacks exploiting a critical GitHub zero-day, which then enabled the exfiltration of data from more than 100,000 U.S. citizens, including full names, birthdates, physical and email addresses, phone numbers, and passports. Further examination by Hackread revealed that the intrusion against Acuity also resulted in the compromise of source code, confidential messages, .gov-hosted emails with plain-text passwords, and other sensitive documents about the Five Eyes alliance's investigative methods and the ongoing Russia-Ukraine war. Such a development comes after IntelBroker took credit for breaching the Los Angeles International Airport, General Electric, and Robert Half.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.