Ex-Cybersecurity Consultant Jailed For Trading Confidential Data

Vincent Cannady, a professional who used to work as a consultant in the cybersecurity field, has been taken into custody for allegedly trying to extort a sum of money that could go up to $1.5 million from an IT company that is publicly traded.

He explicitly threatened to publicly disclose the company’s sensitive and confidential information unless his demands were met.

U.S. Attorney Damian Williams said: “As alleged, Vincent Cannady used illegal and excessive threats to obtain over a million dollars in payments from a public company after his engagement was terminated.

Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

• Real-time Detection
• Interactive Malware Analysis
• Easy to Learn by New Security Team members
• Get detailed reports with maximum data
• Set Up Virtual Machine in Linux & all Windows OS Versions
• Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

Try ANY.RUN for FREE

When those entrusted with sensitive information steal that information on their way out the door, only to extort money with a threat of releasing that information, my Office will hold them responsible for their conduct.”

Cannady had been assigned to assess and fix potential vulnerabilities in the company’s information systems.

This position gave him access to sensitive data, which he later used to leverage his extortion demands after his engagement with the company was terminated.

Demands And Threats

In an attempt to seek justice, he pressed the company to address his allegations of discrimination and the emotional distress that he had suffered. He went as far as to threaten to make the documents public if the company failed to take action.

“[a]s we all know those documents will imperil [the company’s] reputation and shake investor confidence,” CANNADY added.

Cannady specifically requested a 10-year Certificate of Deposit worth $1.5 million and a gag order to prevent him from discussing any information related to the company.

Cannady is charged with Hobbs Act extortion and faces a maximum sentence of 20 years in prison. The charge is an accusation; he is presumed innocent until proven guilty. 

The U.S. Attorney’s Office is prosecuting the case for the Southern District of New York.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide