Ex-data analyst stole company data in $2.5M extortion scheme
Recorded: March 20, 2026, 9 a.m.
| Original | Summarized |
Ex-data analyst stole company data in $2.5M extortion scheme News Featured ConnectWise patches new flaw allowing ScreenConnect hijacking New DarkSword iOS exploit used in infostealer attack on iPhones Apple pushes first Background Security Improvements update to fix WebKit flaw GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX International joint action disrupts world’s largest DDoS botnets Microsoft: March Windows updates break Teams, OneDrive sign-ins Ex-data analyst stole company data in $2.5M extortion scheme Navia discloses data breach impacting 2.7 million people Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityEx-data analyst stole company data in $2.5M extortion scheme Ex-data analyst stole company data in $2.5M extortion scheme By Sergiu Gatlan March 20, 2026 A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. Extortion email sample (Justice Department) Red Report 2026: Why Ransomware Encryption Dropped 38% Related Articles: Brightly Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Popular Stories CISA urges US orgs to secure Microsoft Intune systems after Stryker breach Max severity Ubiquiti UniFi flaw may allow account takeover GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX Sponsor Posts Cut VMware migration time by 60% with Acronis—move workloads faster, with less downtime. Secure your AI agents without sacrificing speed. Are refund fraud methods targeting your brand? You can monitor the underground for these threats. Overdue a password health-check? Audit your Active Directory for free Uncover shadow AI apps, users, and risky data sharing. Get started in 5 min. Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
This document details the case of Cameron Curry, a former data analyst contractor for Brightly Software (formerly SchoolDude), who orchestrated a $2.5 million extortion scheme following his contract’s termination. The incident highlights critical vulnerabilities related to insider threats, data breach response, and the evolving tactics of cybercriminals. The core of the narrative centers on Curry’s exploitation of his access to Brightly’s payroll and corporate data following his contract’s expiration. Recognizing the potential for leverage, he engaged in an extortion campaign, sending over 60 emails threatening to release sensitive employee data—including personally identifiable information (PII) and financial details—unless a ransom of $2.5 million was paid. Curry’s strategy involved leveraging the threat of reporting Brightly to the U.S. Securities and Exchange Commission (SEC) for failing to disclose a prior data breach, further escalating the pressure. The extortion scheme culminated in Brightly paying $7,540 in Bitcoin to a cryptocurrency wallet controlled by Curry. Following the payment, federal authorities, through the FBI, executed a search warrant at Curry’s residence, seizing electronic devices used in the operation. Curry was subsequently arrested and faces a maximum sentence of 12 years in prison for six counts of transmitting or willfully causing interstate communications with the intent to extort a victim company. Beyond the immediate extortion case, the report illuminates a separate, significant data breach affecting nearly 3 million SchoolDude customers and users discovered in May 2023. This breach, resulting from an intrusion into Brightly’s online platform database, resulted in attackers obtaining credentials, personal data, and account passwords. This subsequent breach underscores the potential for vulnerabilities to exist across multiple layers of a company’s operations and the importance of proactive cybersecurity measures. The successful extortion highlights the risks associated with contractors having access to sensitive corporate data and underscores the critical need for robust access control policies, thorough background checks, and diligent monitoring of employee activity. Furthermore, it demonstrates the potential for determined insiders to exploit vulnerabilities and cause substantial financial and reputational damage to their employers. The report also serves as a reminder that even after a breach is discovered, organizations must promptly notify relevant authorities and affected parties, adhering to regulatory requirements like those outlined by the Office of the Maine Attorney General. Finally, this case emphasizes the need for companies like Brightly to maintain a robust incident response plan to mitigate the impact of such attacks. |