A former data analyst, Cameron Curry (alias "Loot"), stole sensitive payroll and corporate data from Brightly Software after his contract ended. He then attempted to extort the company for $2.5 million, threatening to leak employee PII and report them to the SEC. Brightly paid $7,540 in Bitcoin before the FBI intervened.
Initial Access
Trusted Access Abuse
confirmed
Cameron Curry, while employed as a data analyst contractor at Brightly Software, had legitimate access to the company's payroll information and corporate data.
Defender cut points
Implement strict Role-Based Access Control (RBAC) and Principle of Least Privilege (PoLP) for contractorsRegularly review and revoke access upon contract termination
