Tuesday, January 14, 2025
HomeCyber CrimeEx-Cybersecurity Consultant Jailed For Trading Confidential Data

Ex-Cybersecurity Consultant Jailed For Trading Confidential Data

Published on

Vincent Cannady, a professional who used to work as a consultant in the cybersecurity field, has been taken into custody for allegedly trying to extort a sum of money that could go up to $1.5 million from an IT company that is publicly traded.

He explicitly threatened to publicly disclose the company’s sensitive and confidential information unless his demands were met.

U.S. Attorney Damian Williams said: “As alleged, Vincent Cannady used illegal and excessive threats to obtain over a million dollars in payments from a public company after his engagement was terminated.

Document

Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

  • Real-time Detection
  • Interactive Malware Analysis
  • Easy to Learn by New Security Team members
  • Get detailed reports with maximum data
  • Set Up Virtual Machine in Linux & all Windows OS Versions
  • Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

When those entrusted with sensitive information steal that information on their way out the door, only to extort money with a threat of releasing that information, my Office will hold them responsible for their conduct.”

Cannady had been assigned to assess and fix potential vulnerabilities in the company’s information systems.

This position gave him access to sensitive data, which he later used to leverage his extortion demands after his engagement with the company was terminated.

Demands And Threats

In an attempt to seek justice, he pressed the company to address his allegations of discrimination and the emotional distress that he had suffered. He went as far as to threaten to make the documents public if the company failed to take action.

“[a]s we all know those documents will imperil [the company’s] reputation and shake investor confidence,” CANNADY added.

Cannady specifically requested a 10-year Certificate of Deposit worth $1.5 million and a gag order to prevent him from discussing any information related to the company.

Cannady is charged with Hobbs Act extortion and faces a maximum sentence of 20 years in prison. The charge is an accusation; he is presumed innocent until proven guilty. 

The U.S. Attorney’s Office is prosecuting the case for the Southern District of New York.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

A critical flaw in Google's "Sign in with Google" authentication system has left millions...

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the...

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

A critical flaw in Google's "Sign in with Google" authentication system has left millions...

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the...

Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins

Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs...