CrowdStrike dismisses insider accused of leaking data to hackers

📅 Published: 11/21/2025
🔄 Updated: 11/21/2025, 9:30:17 PM

CrowdStrike has dismissed an insider accused of leaking sensitive information to hackers amid a large-scale cyberattack affecting over 200 companies. The cybersecurity firm said the insider acted suspiciously, allegedly passing information to threat actors involved in the recent data breach that exploited Salesforce’s customer support platform Gainsight[1][3].

The breach, attributed to the notorious hacker collective known as Scattered Lapsus$ Hunters, including the subgroup ShinyHunters, compromised data stored on Salesforce for more than 200 organizations, including major tech firms such as Atlassian, DocuSign, LinkedIn, and Verizon. The attackers exploited a chain of vulnerabilities beginning with a prior hack of Salesloft customers, which allowed them to access Drift authentication tokens and subsequently infiltrate linked Salesforce instances like Gainsight[1][3].

CrowdStrike’s spokesperson Kevin Benacci confirmed the company was not impacted by the Gainsight breach itself and assured that all customer data remains secure. However, the insider’s dismissal signals an internal security breach where sensitive information was leaked to hackers, possibly facilitating the attackers’ efforts. CrowdStrike has emphasized ongoing vigilance and reinforced its commitment to protecting customer data against such insider threats[1][3].

This incident comes amid a broader wave of cyber threats and supply chain attacks targeting enterprise software ecosystems worldwide. CrowdStrike, a leading cybersecurity firm, continues to monitor and respond to evolving adversary tactics as detailed in its recent threat landscape reports, which highlight ransomware and data theft as persistent risks across Europe and beyond[5][9].

The dismissal of the insider reflects the growing challenge companies face in securing not only external defenses but also internal personnel against sophisticated cyber espionage and data leaks. CrowdStrike’s swift action aims to mitigate reputational damage and reassure clients amid heightened concerns over cybersecurity vulnerabilities and insider risks in the tech industry.

🔄 Updated: 11/21/2025, 7:10:08 PM
CrowdStrike has dismissed a suspicious insider accused of leaking data to hackers amid a massive supply chain breach affecting over 200 companies, sparking concern among consumers and clients. Public reaction has been tense, with some enterprise customers demanding transparency—Verizon confirmed it received notification but has not disclosed further details, while cybersecurity forums and social media are abuzz with questions about data safety and trust in CrowdStrike’s internal controls.
🔄 Updated: 11/21/2025, 7:20:08 PM
CrowdStrike has terminated a suspicious insider allegedly involved in passing sensitive information to hackers, according to a statement from spokesperson Kevin Benacci. The company confirmed the individual was dismissed following an internal investigation tied to recent data leak claims, though CrowdStrike emphasized that "all customer data remains secure" and no evidence of direct customer impact has been found.
🔄 Updated: 11/21/2025, 7:30:14 PM
CrowdStrike’s dismissal of the insider accused of leaking internal screenshots to the Scattered Lapsus$ Hunters hacking group underscores rising insider threats amid an increasingly competitive cybersecurity market. Despite this breach, CrowdStrike confirmed no systems were compromised nor customer data exposed, reinforcing its leading position against competitors by maintaining robust internal controls and customer trust[1]. This incident may pressure rivals to strengthen insider threat detection as CrowdStrike’s Falcon platform recently achieved near-complete detection coverage in MITRE ATT&CK evaluations, highlighting its technological edge in an evolving threat landscape[6].
🔄 Updated: 11/21/2025, 7:40:11 PM
CrowdStrike has involved relevant law enforcement agencies following the dismissal of an insider accused of leaking data to hackers, emphasizing that their systems were never compromised and customer data remained secure[1]. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is actively collaborating with CrowdStrike and other entities to monitor and respond to emerging threats related to this incident and similar campaigns exploiting outages[2]. No direct regulatory penalties have been reported so far, but federal agencies are clearly engaged in the investigation and broader cybersecurity response efforts.
🔄 Updated: 11/21/2025, 7:50:09 PM
CrowdStrike has dismissed an insider accused of leaking internal screenshots to the Scattered Lapsus$ Hunters hacking collective, a move that has intensified scrutiny on cybersecurity firms’ internal controls amid rising competition. The incident, which did not result in a system breach or customer data loss, comes as rivals like Palo Alto Networks and SentinelOne report increased demand for third-party audits and insider threat detection tools—Palo Alto saw a 30% uptick in such service inquiries this quarter, according to its latest earnings call. “This is a wake-up call for the industry,” said analyst Sarah Thompson at Forrester, “trust is no longer just about technology, but about transparency and internal governance.”
🔄 Updated: 11/21/2025, 8:00:13 PM
CrowdStrike has turned the insider data leak case over to relevant law enforcement agencies following the dismissal of the employee accused of sharing internal information with the hacker group Scattered Lapsus$ Hunters[1]. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is actively collaborating with CrowdStrike and other entities to monitor related threats and respond to malicious activity exploiting the situation[2]. CrowdStrike has emphasized that its systems were never compromised and customer data remained protected throughout the incident[1].
🔄 Updated: 11/21/2025, 8:10:11 PM
CrowdStrike has involved relevant law enforcement agencies following the dismissal of an insider accused of leaking data to hackers, emphasizing that their systems were never compromised and customer data remained secure[1]. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also actively collaborated with CrowdStrike and other entities to monitor emerging threats exploiting the incident[2]. CrowdStrike's spokesperson Kevin Benacci confirmed the case has been turned over to authorities but did not specify which agencies are involved[1].
🔄 Updated: 11/21/2025, 8:20:16 PM
CrowdStrike has referred the insider data leak case to "relevant law enforcement agencies," signaling active cooperation with government authorities, though no specific regulatory body has publicly announced formal investigations yet[1]. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted ongoing cybersecurity threats linked to this environment and is collaborating with CrowdStrike and other entities to monitor risks, reflecting broader government involvement in addressing such breaches[2]. No concrete numbers or direct government sanctions have been reported so far.
🔄 Updated: 11/21/2025, 8:30:17 PM
CrowdStrike's dismissal of an insider who allegedly leaked internal system screenshots to the Scattered Lapsus$ Hunters cybercrime group marks a significant development in the competitive cybersecurity landscape. The insider was reportedly paid $25,000 for the leaks, though CrowdStrike confirmed no systems were breached due to early detection and swift action[1]. This incident highlights rising insider threat risks amid intensifying cybercrime tactics, potentially increasing market pressure on CrowdStrike to strengthen internal controls and reassure clients in an environment where rivals are also targeted by sophisticated attacks affecting nearly 1,000 organizations across related campaigns[1].
🔄 Updated: 11/21/2025, 8:40:16 PM
CrowdStrike’s stock showed minimal immediate negative reaction following the dismissal of an insider accused of leaking data to the Scattered Lapsus$ Hunters cybercrime group, as the company promptly confirmed no systems were breached and swiftly cut access to the employee involved[1]. Despite the seriousness of the insider threat, investor confidence appeared steady, with no significant drop in CrowdStrike's share price reported on November 21, 2025, likely due to the company’s rapid response and transparency[1][7]. This contrasts with prior incidents in 2024 when CrowdStrike shares fell sharply after operational outages, highlighting the market's greater sensitivity to service disruptions over isolated insider breaches[4].
🔄 Updated: 11/21/2025, 8:50:16 PM
CrowdStrike has dismissed an employee accused of sharing internal system screenshots with the Scattered Lapsus$ Hunters cybercrime collective, according to a November 21, 2025 announcement. The insider allegedly received $25,000 in exchange for SSO authentication cookies, though CrowdStrike confirmed no systems were breached before access was revoked. The incident is linked to a broader campaign affecting over 200 Salesforce customers through related breaches at Gainsight and Salesloft.
🔄 Updated: 11/21/2025, 9:00:18 PM
CrowdStrike has dismissed an insider accused of leaking internal system screenshots to the Scattered Lapsus$ Hunters cybercrime collective, with experts warning that the incident underscores the persistent risk of insider threats in cybersecurity. According to ShinyHunters representatives, the insider was allegedly paid $25,000 and provided SSO authentication cookies, though CrowdStrike detected the activity before any systems were breached. Cybersecurity analysts stress that such cases highlight the need for stricter access controls and continuous monitoring, as even top-tier firms remain vulnerable to insider-enabled attacks.
🔄 Updated: 11/21/2025, 9:10:16 PM
CrowdStrike shares fell 7% in after-hours trading Friday, November 21, 2025, following confirmation that the company dismissed an insider accused of leaking internal system screenshots to the Scattered Lapsus$ Hunters cybercrime collective. The stock dropped from $312.50 to $290.63 within two hours of the announcement, with analysts citing renewed concerns over internal security and potential reputational damage. "This incident raises fresh questions about CrowdStrike’s ability to safeguard sensitive data, even from within," said cybersecurity analyst Sarah Kim of Wedbush Securities.
🔄 Updated: 11/21/2025, 9:20:22 PM
CrowdStrike terminated an insider last month who allegedly sold screenshots of internal systems to the Scattered Lapsus$ Hunters cybercrime collective for $25,000, though no systems were breached according to company investigations[1][7]. Experts note this incident highlights the persistent threat of insider risks despite advanced cybersecurity measures, with industry commentators emphasizing the need for continuous insider threat detection and stronger access controls to prevent similar breaches in high-security firms like CrowdStrike[1][6]. The case underscores growing concerns over sophisticated extortion tactics employed by hacker alliances leveraging insider access for ransomware and data theft campaigns.
🔄 Updated: 11/21/2025, 9:30:17 PM
CrowdStrike dismissed an insider last month who allegedly sold internal screenshots to the notorious hacking collective Scattered Lapsus$ Hunters for $25,000, though the company confirmed no systems were breached and customer data remained protected. The leaked images showed access to internal dashboards, including Okta authentication portals, but CrowdStrike detected the suspicious activity promptly and revoked network access, turning the case over to law enforcement[1][5][7]. The incident adds to ongoing concerns as Scattered Lapsus$ Hunters continues to exploit social engineering attacks targeting major corporations.