Infagard

InfraGard is a non-profit partnership program between the United States Federal Bureau of Investigation (FBI) and members of the private sector, designed to facilitate information sharing on cybersecurity threats and critical infrastructure protection. In early 2022, a threat actor identified as USDoD gained unauthorized access to the InfraGard member portal by submitting a fake membership application using the identity of a prominent financial sector CEO. The attacker exploited weaknesses in the vetting process for new member applications, successfully obtaining credentials to the portal. Once inside, the hacker extracted a database containing personal and professional information of approximately 80,000 InfraGard members, including high-profile executives, government officials, and security professionals. The stolen dataset was subsequently listed for sale on a cybercriminal forum for $50,000. Shortly after, the data was released publicly. The compromised records included full names, usernames, email addresses, phone numbers, social security numbers in some cases, company affiliations, job titles, geographic regions, and text descriptions. This breach was particularly alarming given the sensitive nature of InfraGard membership, which includes critical infrastructure stakeholders and individuals with access to classified threat intelligence. The incident was widely covered by KrebsOnSecurity and other major cybersecurity media outlets.