Man charged with attack on support company Zendesk

July 23, 2014

A Massachusetts resident has had charges laid relating to the recent attack on Zendesk, in which information private to the company was exported to computers outside of the Zendesk network.

Zendesk is a company based in San Francisco specialising in helpdesk services for a multitude of organisations including Vodafone, Groupon and Twitter.

On July 2, federal prosecutors in the US charged 25-year-old Massachusetts man Cameron Lacroix with hacking the support company in February of last year. According to the prosecutors, Mr Lacroix disabled a security feature designed to restrict access to sensitive customer information.

He subsequently exported one million Twitter support tickets to external computers. Following the breach, Mr Lacroix used the ticket information to deface the Twitter feeds of two companies.

It's likely he could face a total of 10 years in prison for the incident, along with US$250,000 in fines and restitution for the damage caused. 

This isn't the first breach he's attempted either, as he also pleaded guilty to a computer hacking and payment card theft in June.

"Lacroix remotely, surreptitiously, and without authorisation, accessed computer networks around the country. These included networks belonging to law enforcement agencies, local law enforcement departments and educational institutions," the court documents explained.

The documents also outlined his attempts to alter academic records on the computers of educational institutions, and extract extremely sensitive law enforcement data from government computers.

It's always an extremely prudent practice to carry out internal ethical hacking measures on a business network, before outside attackers have the chance to carryout a real breach. These have the ability stain the reputation of a company, and cause financial damage that can be hard to recover from.

Leave a Reply

Your email address will not be published. Required fields are marked *