Vincent Cannady, a professional who used to work as a consultant in the cybersecurity field, has been taken into custody for allegedly trying to extort a sum of money that could go up to $1.5 million from an IT company that is publicly traded.
He explicitly threatened to publicly disclose the company’s sensitive and confidential information unless his demands were met.
U.S. Attorney Damian Williams said: “As alleged, Vincent Cannady used illegal and excessive threats to obtain over a million dollars in payments from a public company after his engagement was terminated.
Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:
If you want to test all these features now with completely free access to the sandbox:
When those entrusted with sensitive information steal that information on their way out the door, only to extort money with a threat of releasing that information, my Office will hold them responsible for their conduct.”
Cannady had been assigned to assess and fix potential vulnerabilities in the company’s information systems.
This position gave him access to sensitive data, which he later used to leverage his extortion demands after his engagement with the company was terminated.
In an attempt to seek justice, he pressed the company to address his allegations of discrimination and the emotional distress that he had suffered. He went as far as to threaten to make the documents public if the company failed to take action.
“[a]s we all know those documents will imperil [the company’s] reputation and shake investor confidence,” CANNADY added.
Cannady specifically requested a 10-year Certificate of Deposit worth $1.5 million and a gag order to prevent him from discussing any information related to the company.
Cannady is charged with Hobbs Act extortion and faces a maximum sentence of 20 years in prison. The charge is an accusation; he is presumed innocent until proven guilty.
The U.S. Attorney’s Office is prosecuting the case for the Southern District of New York.
Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide
The Sliver Command & Control (C2) framework, an open-source tool written in Go, has been…
Ransomware continues to be one of the most disruptive cyber threats, with recent data revealing…
As the U.S. tax filing deadline approaches, cybercriminals are intensifying their efforts to exploit taxpayers…
Cybersecurity experts at eSentire's Threat Response Unit (TRU) uncovered a sophisticated malware campaign leveraging KoiLoader,…
APT34, also known as OilRig or Helix Kitten, has intensified its cyber-espionage campaigns, deploying custom…
A critical vulnerability has been identified in the Plantronics Hub software, a client application commonly…
