🟠 High | Source: The Register — Security
A former Huntress analyst has publicly alleged that an insider at the cybersecurity firm passed sensitive client information to a ransomware criminal. The ex-employee further claims Huntress prioritised protecting its pending IPO over transparently disclosing the incident to affected clients. If substantiated, this raises serious concerns about insider threat management and corporate governance at a company trusted with deep visibility into customer environments.
Security Architect’s Take: Review the access and data-sharing permissions granted to any third-party MDR or EDR vendors in your environment, and confirm they enforce least-privilege internally. Verify your vendor contracts include mandatory breach notification obligations that are independent of the vendor’s commercial interests.
Original advisory: Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues