Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cybersecurity Company Extorted Its Clients, Says Whistleblower

Posted by Soulskill on from the your-computer-is-broadcasting-an-IP-address dept.

An anonymous reader writes: Richard Wallace used to be an investigator for Tiversa, a cybersecurity company that sells services like "breach protection" and "incident response." These days, Wallace is testifying in federal court that Tiversa faked breaches to encourage sales, and extorted clients that weren't interested. For example, Wallace said Tiversa targeted a cancer testing center called LabMD in 2010, tapping into their computers and downloading medical records. Tiversa then used those records as evidence to convince LabMD they had been hacked, offering its "incident response" service at the same time. LabMD didn't fall for it, so Tiversa told the FTC about the "hack." The FTC, none-the-wiser, went after LabMD in court, eventually destroying the business. Wallace has also cast suspicion on reports Tiversa has issued, including one saying President Obama's helicopter blueprints were found on Iranian computers.

7 of 65 comments (clear)

  1. Some guyz in my old neghborhood used to do this by NotDrWho · · Score: 5, Funny

    "Hey, you need us for security protection, otherwise you never know when a break-in might happen, right Vinnie?"

    "Yeah boss, this place *definitely* needs to pay for our security protection."

    "See? You should listen to Vinnie, he's a security expert and shit."

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  2. The FTC report by YrWrstNtmr · · Score: 5, Informative

    Details here: https://www.ftc.gov/enforcemen...

    That's some messed up stuff. Tiversa needs to be burned to the ground, and their board members in actual jail.

  3. Re:Tiversa breached systems? by Pi1grim · · Score: 5, Insightful

    Well, fun fact, if some kid breaches the system and then gives the evidence that system is flawed to the company without demanding any money - than he's a criminal, if a large company does the same, only demanding a large payment for services rendered and subscription to future services - then it's business as usual.

  4. Theyre creating jobs! by Anonymous Coward · · Score: 5, Funny

    Im off to go smash some windows.

    Its okay though because i work for Window Smashers LLC.

  5. They reveal themselves ! by redelm · · Score: 5, Interesting

    Hmm ... Iran has blueprints ... sounds bad. But of _course_ they have blueprints of that model helo -- the Shah bought them prior to 1979! Marine One is [usually] a Sikorski VH-3 "Sea King" which first flew in 1959.

    When advocates make inflammatory claims that have innocent explanations, I consider them confidence crooks. They know their best arguments and have made them. Yet another example of lies being more revealing than the truth (so long as you already know it.)

  6. Re:Tiversa breached systems? by gstoddart · · Score: 5, Informative

    But, honestly though ... if a corporation is charged in federal court, will they pay a fine, or will someone do jail time?

    Because if the corporation will pay a fine, but a person would get jail time ... that's pretty much what a double standard means.

    So before you go all full-metal asshole on the poor guy, ask yourself, has anybody from a corporation who does this kind of crap gone to jail?

    If doing something on behalf of a corporation means you don't go to jail, there more assuredly is a double standard.

    --
    Lost at C:>. Found at C.
  7. Re:Tiversa breached systems? by radarskiy · · Score: 5, Informative

    Tiversa's claim to LabMD was not that LabMD had vulnerabilities, but that LabMD had been breached. Tiversa then claimed to the FTC that LabMD had failed to disclose a breach but did not disclose that the breach was by Tiversa themselves.

    LabMD may have needed the services of a security consulting company. No one needs the services of a lying security consulting company.