- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
- One of the cheapest Android tablets I've ever tested replaced my iPad with no sweat
- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- The LG soundbar made my home audio sound like a theater - even though it's not the newest model
Threat Actor Claims Classified Five Eyes Data Theft
A known threat actor has leaked online classified documents from the US government and its allies that they claim were stolen from a government IT contractor.
IntelBroker took credit for the breach, alongside Sanggiero and EnergyWeaponUser, according to a screenshot posted to X (formerly Twitter) by security researchers HackManac.
“Today I am releasing the documents belonging to the Five Eyes Intelligence Group,” the post noted. “The data was obtained by breaching into Acuity Inc, a company that works directly with the US government and its allies.”
Acuity is a Virginia-based federal technology consultancy which claims to have “deep expertise” in areas such as IT modernization, DevSecOps, cybersecurity, data analytics and operations support.
According to the post on an underground cybercrime forum, the threat actors have classified information including full names, government and military email addresses, office and personal phone numbers, and “classified information and communications between the Five Eyes, 14 Eyes and US allies.”
#DataBreach Alert ⚠️
🇺🇸#USA: Alleged Acuity Inc breach leads to leak of sensitive Five Eyes Intelligence Group (FVEY) documents.
The threat actor group consisting of IntelBroker, Sanggiero, and EnergyWeaponUser claims to have breached Acuity Inc, a federal tech consulting firm,… pic.twitter.com/qGV8IUmkT7
— HackManac (@H4ckManac) April 3, 2024
There’s good reason to suspect that IntelBroker’s claims are legitimate, with the actor linked to a string of successful high-profile breaches in the past.
In March 2023, they obtained personal data on 170,000 individuals including members of the US House of Representatives, after compromising health insurance marketplace DC Health Link, which is managed by the DC Health Benefit Exchange Authority (HBX).
In November of the same year, they advertised for sale sensitive information purportedly stolen from industrial giant and US government contractor General Electric.
“Data includes a lot of DARPA-related military information, files, SQL files, documents etc,” they said at the time.
Threat intelligence specialist Dark Web Informer claimed on X that IntelBroker had made the breach fully available in unredacted form on their X account. However, that account was rapidly suspended by the social media firm, indicating at least the seriousness of the claims.
