The login credentials of Kyle Schutt, a software engineer at the Department of Government Efficiency (DOGE) and the Cybersecurity and Infrastructure Security Agency (CISA), have been compromised and publicly leaked at least four times since 2023. Schutt, who accessed a core financial management system of the Federal Emergency Management Agency (FEMA) in February, likely has access to sensitive information about U.S. federal government networks and critical infrastructure. The leaks stem from info-stealer malware, which can infect devices through various methods like trojanized apps and phishing. Besides stealing login credentials, this malware can log keystrokes and capture screen output. Schutt’s Gmail account credentials have appeared in 51 data breaches and five pastes tracked by Have I Been Pwned. These breaches include a 2013 Adobe hack affecting 3 million users, a 2016 LinkedIn breach impacting 164 million users, a 2020 Gravatar breach affecting 167 million users, and a 2022 breach of The Post Millennial.
Matt Johansen
@mattjay
·
May 5 A hacker accessed unencrypted message contents, contact info of gov officials, admin credentials, and customer data.
Notably includes CBP, Coinbase, and other financial institutions.
Huntress
@HuntressLabs
·
May 8 Initial Entry Point: Brute-forced an exposed RDP service (don’t skip reviewing your external perimeters!).
Enumeration & Credential Targeting: Ran a network scan using netscan.exe.
Followed up with brute-force credential attacks tied to known Makop tooling.
×͜𓂀…C20H25N3O…
@EyeofhorusC
·
May 9 Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware.
Mark Flippen
@MarkFlippenFLIP
·
May 8 The attackers exploited a shocking security gap.
They used stolen credentials from a low-level employee.
For 9 days, hackers moved freely through the network.
Then they unleashed their devastating ransomware…
Mediaite
@Mediaite
·
Mar 26 REPORT: Passwords of Top U.S. Security Officials Found Online – Hegseth, Gabbard, Waltz Among Those Affected
CyberChick
@warriors_mom
·
May 10 Cybersecurity News
“Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
