Hackers Amass Personal Data on 22,000 US Officials via Breached Salesforce Platform

Massive Government Data Compilation Exposed

A hacking collective known as Scattered LAPSUS$ Hunters has compiled personal data on more than 22,000 U.S. government officials, according to reports from cybersecurity journalists. The group claims to have built this extensive database by sifting through stolen Salesforce customer information obtained during a series of breaches earlier this year that targeted the platform’s corporate users.

Verification of Stolen Records

404 Media, which first reported on the doxing of officials from multiple federal agencies, has verified portions of the newly obtained material, according to their investigation. The publication reviewed records containing personal details of current and former employees from the National Security Agency, Defense Intelligence Agency, Federal Trade Commission, and other key government bodies.

Analysts suggest the sample data also contained contact information for officials at the Centers for Disease Control and Prevention, the Food and Drug Administration, and the Bureau of Alcohol, Tobacco, Firearms and Explosives. Cybersecurity firm District 4 Labs corroborated portions of the records, confirming that many names, agencies, and phone numbers matched information from known breaches.

Sophisticated Attack Methodology

The disclosures come amid growing concern about the scale of Salesforce compromises, which cybersecurity researchers say resulted from a combination of social engineering and phishing techniques. According to reports, attackers tricked employees at major corporations into connecting to a malicious app designed to mimic legitimate Salesforce integrations.

Once credentials were captured, the hackers reportedly gained access to vast internal databases. Earlier reports indicated victims included Salesforce customers such as Disney, FedEx, Toyota, and UPS. Scattered LAPSUS$ Hunters publicly claimed that the compromise yielded more than a billion records, though this figure remains unverified by independent sources.

Connection to Established Cybercriminal Networks

The group’s activities have drawn comparisons to several well-known hacker collectives, according to security analysts. Their name combines elements of previous high-profile groups—Scattered Spider, LAPSUS$, and ShinyHunters—all of which emerged from loosely organized online communities collectively known as “the Com.”

These digital spaces, often hosted on Telegram or Discord, blend social interaction with digital crime. Participants trade data, breach targets, and occasionally turn on one another. Attacks originating from these communities have previously targeted major companies including MGM Resorts and Caesars Entertainment, combining financial extortion with public humiliation tactics such as doxing.

Authentication and Communication Methods

When the hackers reached out to journalists, they verified their identity using a PGP key associated with a member of ShinyHunters, a longtime participant in international hacking incidents. PGP, or Pretty Good Privacy, is a cryptographic system used to authenticate digital signatures and confirm message provenance. Use of that key suggests the individual contacting reporters was genuinely connected to the broader cybercriminal network.

The group’s Telegram channel, which hosted recent leaks and communications, went offline shortly after the mass doxing of Department of Homeland Security personnel and the release of data purportedly tied to an NSA official. A Scattered LAPSUS$ Hunters representative told reporters that the takedown likely followed the release of that NSA record, speculating that their servers were “taken offline, presumably seized.”

Government Response and Broader Implications

DHS has not responded to multiple requests for comment on the exposure, and Salesforce has declined to comment on the group’s claims, according to media reports. Both the FTC and the US Air Force confirmed awareness of the breach reports but did not provide further details.

Security experts suggest this incident illustrates a growing intersection between corporate data breaches and exposure of government personnel. Information stolen from enterprise cloud platforms appears increasingly likely to spill over into the targeting of public employees, creating new personal data security challenges for federal agencies.

This report is based on information from multiple cybersecurity sources and media investigations. The situation continues to develop as authorities assess the full scope of the data exposure.
