InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information-sharing partnerships with the private sector, had its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum.
Meanwhile, the hackers that initiated the incident are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.
Source: https://www.databreaches.net/fbis-vetted-info-sharing-network-infragard-hacked/
TPRM report: https://scoringcyber.rankiteo.com/company/infragard
"id": "inf2211141222",
"linkid": "infragard",
"type": "Breach",
"date": "12/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 80000,
'industry': 'Law Enforcement',
'location': 'United States',
'name': 'InfraGard',
'type': 'Government Program'}],
'attack_vector': 'Account Takeover',
'data_breach': {'number_of_records_exposed': 80000,
'type_of_data_compromised': 'Contact Information'},
'description': 'InfraGard, a program run by the U.S. Federal Bureau of '
'Investigation (FBI) to build cyber and physical threat '
'information-sharing partnerships with the private sector, had '
'its database of contact information on more than 80,000 '
'members go up for sale on an English-language cybercrime '
'forum. Meanwhile, the hackers that initiated the incident are '
'communicating directly with members through the InfraGard '
'portal online — using a new account under the assumed '
'identity of a financial industry CEO that was vetted by the '
'FBI itself.',
'impact': {'data_compromised': 'Contact Information',
'systems_affected': 'InfraGard Portal'},
'initial_access_broker': {'data_sold_on_dark_web': True,
'entry_point': 'InfraGard Portal'},
'motivation': 'Financial Gain',
'title': 'InfraGard Database Breach',
'type': 'Data Breach'}