ITMG Insider Threat Cases – August 23, 2021

T-Mobile Breach Hits 53 million Customers as Probe Finds Wider Impact

T-Mobile US Inc said on Friday an ongoing investigation into a data breach revealed that hackers accessed personal information of an additional 5.3 million customers, bringing the total number of people affected to more than 53 million.

The third largest U.S. wireless carrier had earlier this week said that personal data of more than 40 million former and prospective customers was stolen along with data from 7.8 million existing T-Mobile wireless customers.

Threat Actor Asks Insiders Help to Plant Black Kingdom Ransomware

A Nigerian threat actor was discovered attempting to recruit employees by promising them $1 million in bitcoins in exchange for deploying Black Kingdom ransomware on their networks. The researchers identified many messages addressed to inboxes secured by cloud email protection vendor Abnormal Security because the sender offered the receiver a $1 million compensation for planting ransomware on the network.

According to Abnormal Security researchers, the sender promises the employee that if they can successfully install ransomware on a company computer or Windows server, they will be paid $1 million in bitcoin, or 40% of the alleged $2.5 million ransom.

Disgruntled HR Exec Deleted 17K Resumes and Destroyed Personnel Data After Being Fired

Forty-one-year-old Medghyne Calonge of Tampa was charged with maliciously destroying personnel files and deleting thousands of résumés for prospective employees after being fired from 1-800-Accountant, Market Watch reports.

Prosecutors say that colleagues reported seeing Calonge repeatedly hitting the delete key after receiving her pink slip in June 2019. She had only been working there six months when she was terminated due to poor performance.

ResMan ends up with $62 mln in trade-secret win after $152 mln verdict

ResMan sued Karya and Expedien in 2019 for breach of contract and trade-secret theft, alleging Karya gave Expedien access to ResMan’s software without permission to help it develop its own property-management software called Arya.

The Thursday final judgment awards ResMan over $28.2 million from Karya and more than $34.2 million from Expedien in actual and punitive damages for misappropriating trade secrets, plus attorneys’ fees and pre- and post-judgment interest from both defendants.

Huawei Accused of Stealing Trade Secrets, Spying in Pakistan

Software company Business Efficiency Solutions LLC has sued Huawei in California federal court for allegedly stealing its trade secrets following their work together on a project for the Pakistani government.

According to the complaint, Huawei subcontracted with BES in 2016 for its $150 million bid to develop software for a Pakistani government program providing new technology for police and law enforcement in Lahore. BES said it created software for the project that collects data from government agencies, controls access to buildings, monitors social media and manages drones, among other things.

District Woman Sentenced to Two Years in Prison for Stealing Over $364,000 from Employer

According to court papers, beginning on or about Jan. 1, 2015, and continuing through on or about Feb. 28, 2018, Lucas, who was employed as bookkeeper and cash handler for a restaurant in downtown Washington, implemented a scheme to steal from her employer. Lucas was responsible for ensuring that the restaurant had sufficient cash in its safe and bars to conduct the restaurant’s business of serving food and beverages to customers.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading