Industry — Data Breach
Executive Summary
Data breach reported by DataBreaches.net — Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges: It’s not like threat actors weren’t telling some of us about rogue negotiators. They were. Now I wonder how many other journalists also disbelieved the threat actors when they were telling the truth. Jonathan Greig reports: The Justice Department is accusing an incident...
What Happened
The U.S. Department of Justice has accused an incident responder of providing information to the BlackCat ransomware gang during ransom negotiations. According to the DOJ allegations, this individual is accused of conducting cyberattacks and assisting ransomware gangs in negotiating higher ransom payments from victims. Threat actors had previously disclosed information about rogue negotiators to some journalists, though these claims were initially met with skepticism.
Why It Matters
This case represents a significant breach of trust in the cybersecurity incident response industry, where professionals are expected to advocate for victims rather than assist criminal groups. The allegations suggest that some entities hired to help organizations recover from ransomware attacks may have instead been working with the attackers to increase ransom demands. The fact that threat actors' previous warnings about rogue negotiators were disbelieved highlights challenges in identifying corruption within the incident response field.
AI-Assisted
Event summaries are generated by Claude AI from verified sources and reviewed by humans before publication.