Ex-Data Analyst Stole $2.5M in Company Data for Extortion
▼ Summary
– A North Carolina data analyst contractor was found guilty of extorting his employer, Brightly Software, by threatening to leak stolen sensitive data.
– The employee, Cameron Curry, stole payroll and corporate documents and demanded a $2.5 million ransom after his contract ended.
– He sent over 60 extortion emails, attaching employee personal information and threatening to report the company to the SEC.
– Brightly paid a partial ransom in Bitcoin, and the FBI later seized evidence from Curry’s home, leading to his conviction.
– Curry faces up to 12 years in prison for the extortion, which is separate from a different data breach Brightly disclosed in 2023.
A former data analyst contractor has been convicted for attempting to extort millions of dollars from a technology firm by threatening to release stolen sensitive employee data. The case highlights the significant insider threat posed by individuals with privileged access to corporate systems, demonstrating how internal credentials can be weaponized for financial gain and massive reputational damage.
Cameron Curry, a 27-year-old from North Carolina who also used the alias “Loot,” was found guilty of multiple extortion charges. While employed as a six-month contractor for Brightly Software, a SaaS company specializing in asset management, Curry exploited his position to steal payroll information and other corporate documents. Upon learning his contract would not be renewed, he initiated an extortion scheme targeting his former employer.
Beginning the day after his contract ended in December, Curry sent over sixty threatening emails to Brightly employees. Using the email address lootsoftware@outlook.com, he demanded a $2.5 million ransom paid in cryptocurrency, threatening to leak the stolen personal identification information of employees. The data included names, birth dates, home addresses, and salary details. In his communications, Curry attached screenshots of spreadsheets containing this sensitive information as proof of his access.
His threats extended beyond data leakage. Curry also warned he would report Brightly to the U. S. Securities and Exchange Commission for failing to disclose the data breach, a legal requirement for companies. One email stated the ransom would increase by $100,000 each subsequent month, and falsely claimed discrepancies in the company’s books exceeded $16 million, which could foster a hostile work environment.
In response to the threats, Brightly Software made an initial payment of $7,540 in Bitcoin to a wallet controlled by Curry. The company later reported the incident to the FBI, which led to a search of Curry’s residence in January. Agents seized electronic devices that contained evidence linking him directly to the extortion campaign.
Following a guilty verdict, Curry now faces a potential prison sentence of up to twelve years for six counts of transmitting interstate communications with intent to extort. He was previously released on bond pending further legal proceedings. A spokesperson for Brightly confirmed the company’s full cooperation with the Department of Justice and the FBI, deferring additional comments to law enforcement due to the ongoing nature of the case.
This incident is separate from a previously disclosed data breach Brightly experienced in May of the previous year. In that unrelated event, attackers compromised the database of the company’s SchoolDude platform, affecting credentials and personal data for nearly three million customers. That breach was discovered eight days after the initial system intrusion.
(Source: BleepingComputer)
