Hackers Compromise Accounts of Kodex, Company That Vets Police Data Requests For Tech Giants (404media.co) 2
Slash_Account_Dot shares a report from 404 Media: Hackers are targeting accounts on Kodex, a platform that connects law enforcement agencies and tech companies and which is designed to verify emergency requests for customer data, according to multiple online conversations between hackers viewed by 404 Media. Screenshots from one of the compromised accounts shows a panel where a law enforcement officer, or a hacker, can potentially 'create a new request.' The screenshots show a wide range of companies such as tech giants Meta and Microsoft's LinkedIn; cryptocurrency exchanges Binance and Coinbase; social media platforms Pinterest, Discord, and Snapchat; financial service Fidelity, and gaming platform Roblox. The compromised account appears to belong to a national police force, but the screenshots do not include the agency's full name.
There is no evidence that hackers have successfully used compromised Kodex accounts to obtain data from a tech company, and Matt Donahue, the former FBI agent and now CEO of Kodex, said that multiple compromised accounts 404 Media found did not have authorization to make such requests, and that Kodex had shut down those accounts. But the repeated examples of criminal chatter show that Kodex is a target of interest for hackers.
There is no evidence that hackers have successfully used compromised Kodex accounts to obtain data from a tech company, and Matt Donahue, the former FBI agent and now CEO of Kodex, said that multiple compromised accounts 404 Media found did not have authorization to make such requests, and that Kodex had shut down those accounts. But the repeated examples of criminal chatter show that Kodex is a target of interest for hackers.
Win-Win (Score:3)
And this is why it was outsourced! It's all about the liability.
Pot, meet Kettle. (Score:1)
"Hackers are targeting accounts on Kodex, a platform that connects law enforcement agencies and tech companies and which is designed to verify emergency requests for customer data..."
By 'emergency' you mean those urgent FISA requests? The kind of 'tech' companies that make lets say...Stingray devices? Build PRISM systems? By 'verify' do you mean check to make sure the payment was enough?
Rather ironic who they're calling hackers here given the Civil Rights reacharound these days by enforcement.