Department Of Justice Federal Bureau Of Investigation sign on wall with doorway

Kristi Blokhin/Shutterstock (Licensed)

FBI’s cybersecurity infosharing partnership breached, hacker selling details for $50,000

The members include private sector individuals and companies tasked with protecting critical infrastructure.


Mikael Thalen


Posted on Dec 14, 2022   Updated on Dec 15, 2022, 9:27 am CST

A hacker is attempting to sell a database containing the personal information of more than 88,000 members of InfraGard, an FBI-affiliated organization that helps the bureau partner with security experts in the private sector.

The data, as first reported by cybersecurity reporter Brian Krebs, first appeared on a notorious hacking forum on Saturday and is currently being sold for $50,000. The cache is said to mostly contain the names of InfraGard members as well as a small number of email addresses. An even smaller number of entries include a date of birth and Social Security Number.

InfraGard, according to the mission statement on its website, aims “to promote ongoing dialogue and timely communication between members and the FBI specifically concerning the security of, vulnerabilities in, and threats to critical infrastructure entities.”

The list of names contains what Krebs describes as “a vetted Who’s Who of key people” working in both cyber and physical security at “drinking water and power utilities, communications and financial services firms, transportation and manufacturing companies, healthcare providers, and nuclear energy firms.”

The hacker, who goes by the name USDoD, says they were able to gain access to the database after applying for membership to InfraGard in November using the personal details of the head of a major U.S. financial corporation. Shockingly, the phony application was accepted less than a month later.

Although Krebs says he contacted the FBI prior to publication, the hacker still retained access to the InfraGard system as of Tuesday. On Wednesday, the FBI confirmed to Krebs that it was aware of reports regarding the hacker’s alleged access.

“This is an ongoing situation, and we are not able to provide any additional information at this time,” the FBI said.

The hacker, as revealed by screenshots from InfraGard’s internal portal, has already begun using the fake account to build relationships with high-profile members. Such activity could be used for further malicious activity in the future.

In a statement to the Daily Dot, Dr. Ilia Kolochenko, Adjunct Professor of Cybersecurity & Cyber Law at Capitol Technology University, warned that such a breach could potentially lead to “devastating consequences.”

“Organized cybercrime groups will readily pay $50,000 to get sensitive personal details of cyber investigators and law enforcement officers to launch sophisticated phishing attacks and impersonation campaigns, trying to get privileged access to other highly sensitive resources or governmental databases by reusing stolen information,” he said.

It currently remains unclear whether the data has been sold. The hacker noted in their post that the data would be sold “one time only.”

We crawl the web so you don’t have to.
Sign up for the Daily Dot newsletter to get the best and worst of the internet in your inbox every day.
Sign up now for free
Share this article
*First Published: Dec 14, 2022, 12:25 pm CST