The individual was believed to have been paid around $25,000 for this, which all things considered, I think, is quite low when you're risking being fired and, you know, a potential jail sentence in the aftermath of this. So these were leaked on Telegram. CrowdStrike, obviously, was made aware of this and they reacted pretty swiftly like we mentioned. That person has since been dismissed, I don't think it was too much of an issue for HR in that situation.
Today's reminder of the insider threat comes to us from the National Health Service in the U.K. Craig Meighan and Billy Gaddi report: A woman has been charged after Scots patients had their private medical records accessed during an NHS data breach. Reports suggest around 100 patients in NHS Lothian could have had their records accessed as a result of the incident. The health board said it discovered patients in the region may have had their information "inappropriately accessed" during routine monitoring.
Microsoft announced that its SIEM and SOAR solution Sentinel has evolved into a unified AI-ready platform that connects users, agents, devices, actions, and risks across the security environment. This enables defenders to trace attack paths, assess blast radius, and prioritize responses with greater clarity. Security Copilot builds on this foundation, allowing teams to create custom AI agents (no coding required) that integrate seamlessly into daily workflows.
John Murray Rowe Jr., 67, of Lead, South Dakota, was sentenced today to 126 months in prison followed by three years of supervised release and a $25,000 fine for attempted espionage. The defendant was charged by indictment in December 2021 and pleaded guilty in April of last year to one count of attempted delivery of national defense information to a foreign government, and three counts of willful communication of national defense information.
Students acting maliciously - often for fun - are increasingly the cause of cyber attacks affecting schools and colleges in the UK, according to new data from the Information Commissioner's Office, which today warned that the culprits may be setting themselves up for a life of cyber crime.
Since 2022, the ICO has investigated 215 hacks and breaches in education settings and says 57% were carried out by children. According to the new data, almost a third of the breaches involved students illegally logging into staff computer systems by guessing passwords or stealing details from teachers. In one incident, a seven-year-old was involved in a data breach and subsequently referred to the National Crime Agency's Cyber Choices programme to help them understand the seriousness of their actions.
A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company's servers. Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of emerging technology, before the company demoted him after restructuring. Lu unwisely responded to that setback by installing a "kill switch" that would activate if the company revoked his network access.
The RN accessed medical records for reasons unrelated to patient care while on a leave of absence, highlighting serious weaknesses in privacy protections.
