Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

Hackers Recruit Unhappy Insiders To Bypass Data Security

By Kim S. Nash
 

Hello. Hackers are combing social media apps for workers who post about layoffs, pay gripes and unfair treatment, or those who were recently fired, demoted or passed over for a promotion.

The workers are typically offered a share of ransomware payoffs or stolen data sales for their services, WSJ Pro's Angus Loten reports. Read our full story. 

Also today: 

  • Two red-teamers awarded $600,000 in wrongful arrest case
  • Krispy Kreme to settle breach case for $1.6 million
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
Secure AI Adoption With AI Security Built on Zero Trust

Thriving in the AI era requires a new approach to security. Traditional models weren’t built for AI. Zscaler’s AI Security Platform, built on Zero Trust, secures enterprise AI from development to deployment—ensuring risk and complexity don’t outpace growth. Discover how leading businesses are adopting AI securely and driving innovation today.

Act Fast. Stay Secure.

 

More Cyber News

PHOTO: MARIO ANZUONI/REUTERS

Settlement: Krispy Kreme agreed to pay $1.6 million to settle a consolidated class-action lawsuit over the 2024 breach of data related to 161,000 current and former employees. Stolen data included biometrics, financial details and health information. Most victims will receive about $75. (Charlotte Observer)
  • Further reading from WSJ Pro: Cyberattack Snarls Krispy Kreme’s Online Ordering

Two security professionals are due to receive $600,000 as a settlement in a wrongful arrest case stemming from a penetration-testing job in 2019. Gary DeMercurio and Justin Wynn, former employees of cyber company Coalfire Labs, were hired to test the security systems of Iowa's Judicial Branch using red-teaming techniques and physical break-ins.

  • They were arrested, spent about 20 hours in jail and bonded out. Charges were later reduced to misdemeanor trespassing. (ArsTechnica)
  • The Iowa court's investigation report on the incident and recommendations for avoiding such "confusion" in the future is good reading. 
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle . Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2026 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe