• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Friday, July 17, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

Insider Threat at a CrowdStrike, Cybersecurity Giant

Insider Threat at a CrowdStrike, Cybersecurity Giant

by Anochie Esther
November 23, 2025 - Updated On November 25, 2025
in News
Reading Time: 3 mins read
0
CrowdStrike

Image Credits: Newsbytes

TwitterWhatsappLinkedin

CrowdStrike, a leading name in cybersecurity, has fired an employee after allegations surfaced that the individual shared internal company information with a notorious hacker collective. The decision came in response to claims made by the hacking group known as Scattered Lapsus$ Hunters, which published screenshots of purported internal CrowdStrike dashboards on its public Telegram channel. These images allegedly revealed links to sensitive company resources, including an Okta dashboard used to access internal applications.

You might also like

The Collectibles Stop Why GameStop’s CEO Views Video Games as Irrelevant

The Augmented Apartment New York City Takes Aim at “Housefishing”

X Uses Upgraded Grok AI to Catch Content Thieves and Return $1 Million in Creator Payouts

According to the screenshots posted by Scattered Lapsus$ Hunters, the insider had privileged access to CrowdStrike’s systems. The hackers suggested that they breached CrowdStrike by leveraging data stolen from Gainsight, a customer relationship management (CRM) company. They claimed that information taken from Gainsight was used as a springboard to infiltrate CrowdStrike’s internal network.

Gainsight, for its part, has not publicly confirmed or detailed any direct involvement in the incident. The hacker collective’s public airing of this claim helped spark significant scrutiny from cybersecurity watchers and media alike.

CrowdStrike’s Response

CrowdStrike strongly denied that its systems were compromised. The company stated that there was no systemic security failure, and insisted that customer data remained protected throughout.

“Our systems were never compromised and customers remained protected throughout. We have turned the case over to relevant law enforcement agencies,” Kevin Benacci, a spokesperson for CrowdStrike 

Additionally, CrowdStrike confirmed it has referred the matter to law enforcement agencies, elevating the case from a corporate discipline issue into a full legal incident.

The Hacker Collective: Scattered Lapsus$ Hunters

The group behind the leak, Scattered Lapsus$ Hunters, is not a single actor but a collective of several hacking organizations, including ShinyHunters, Scattered Spider, and Lapsus$.

These actors are known for using sophisticated social engineering tactics particularly voice phishing to manipulate insiders at target companies. According to public statements, they allegedly paid the CrowdStrike insider $25,000 in exchange for internal access. The insider reportedly provided SSO (single sign-on) authentication cookies.

The group also tried to purchase more sensitive CrowdStrike intelligence from the insider, such as internal reports on ShinyHunters and Scattered Spider, but reportedly didn’t succeed before the insider was terminated.

No Technical Breach But a Serious Warning

CrowdStrike clarified that it was never compromised. The matter involved an insider sharing screenshots, not any exploitation of vulnerabilities or system weaknesses.

This distinction matters. It suggests that CrowdStrike wasn’t compromised due to a vulnerability in its software or systems, but because of human behavior. The employee leaked data voluntarily, rather than through malicious exploitation of network flaws.

This isn’t the first time the Scattered Lapsus$ Hunters have made headlines for exploiting third-party vendors. The group claims to have leveraged a breach at Gainsight (which serves Salesforce clients) to gain access to other target companies. This echoes a larger trend in cybersecurity: attackers increasingly exploit supply-chain relationships to launch more damaging attacks.

By targeting smaller or weaker vendors first, hacker collectives can pivot into larger, more lucrative targets.

Going forward, CrowdStrike will likely tighten its internal monitoring and access controls. The company’s response immediate termination and a law-enforcement referral suggests it recognizes the severity of insider risk. For other organizations, this incident may serve as a wake-up call to reassess how they monitor privileged users and manage third-party integrations.

On the cybersecurity front, the episode reinforces the importance of zero-trust principles and rigorous vetting of internal users. Even trusted employees can pose major risks if incentives and motivations align with malicious actors.

For customers of CrowdStrike and other security vendors, the takeaway is subtle but critical: no defense is perfect when human factors are at play. As cybercriminals continue to evolve, companies must remain vigilant not just about outside threats, but internal ones too.

 

Tags: #Gainsight#Insider ThreatcrowdstrikeCybersecurity
Tweet58SendShare16
Previous Post

Apple might be quietly expanding its iPhone 17 family

Next Post

How to evolve Eevee into Vaporeon in Pokémon Go?

Anochie Esther

Recommended For You

The Collectibles Stop Why GameStop’s CEO Views Video Games as Irrelevant

by Anochie Esther
July 17, 2026
0
GameStop CEO says games irrelevant

The modern brick-and-mortar retail sector has spent nearly a decade retreating in the face of absolute digital distribution networks. In no sector has this structural shift been more...

Read more

The Augmented Apartment New York City Takes Aim at “Housefishing”

by Anochie Esther
July 17, 2026
0
NYC apartment AI disclosure mandate

The historic and notoriously exhausting battle to secure a rental apartment in New York City is entering a completely unprecedented technological friction point. For generations, prospective tenants navigating...

Read more

X Uses Upgraded Grok AI to Catch Content Thieves and Return $1 Million in Creator Payouts

by Rounak Majumdar
July 17, 2026
0
X Uses Upgraded Grok AI to Catch Content Thieves and Return $1 Million in Creator Payouts

X has launched an improved version of its Grok AI algorithm to combat content theft throughout the network, eliminating roughly 4,000 creator revenue-sharing accounts and flagging many of...

Read more
Next Post
Vaporeon

How to evolve Eevee into Vaporeon in Pokémon Go?

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?