Startups Close, Laid-Off Employees Asked to Be Aware of Becoming Victims of Fraud
Jakarta, CNBC Indonesia –Cybersecurity researchers have found that employees at startups that have closed or been laid off are easy targets for fraudsters who hack accounts.
Researchers say that former employees of startups that have closed are at high risk of having their data stolen. The hacking was carried out through data in the Slack application, including Social Security numbers and bank accounts.
The researcher who discovered this problem is Dylan Ayrey, co-founder and CEO of the Andreessen Horowitz-backed startup, Truffle Security.
Ayrey made the announcement at the ShmooCon security conference when he gave a presentation about a weakness he found in Google OAuth, the technology behind “Sign in with Google,” which can be used as a replacement for passwords.
Ayrey provided the material after reporting the vulnerability to Google and other companies that might be affected.
He found that hackers could buy inactive domains from startups that had gone bankrupt. Then they used them to log into cloud software, where every employee in the company had access, such as the company’s chat or video applications.
From there, many of these apps offer a company directory or user info page where hackers can find the emails of former startup employees who have been laid off.
Armed with those domains and emails, hackers can use the “Sign in with Google” option to access many of the startups’ cloud software apps, often finding more employee emails there.
To test the vulnerability he found, Ayrey bought a failed startup’s domain and from there he was able to log into ChatGPT, Slack, Notion, Zoom, and HR systems that contained employee Social Security numbers.
“That’s the biggest threat, because data from cloud HR systems is the easiest to monetize, and Social Security numbers and banking information and anything else that’s inside of HR systems are the most likely targets,” Ayrey said, as quoted by TechCrunch on Monday (10/20/2021). 1/2025).
He said old Gmail accounts or Google Docs that employees created personally outside of the company’s ecosystem, or any data created with Google apps separately, are not at risk, and Google confirmed that.
While any startup close to a domain for sale could be a target, their employees are particularly vulnerable, as startups tend to use Google apps and a lot of cloud software to run their businesses.
Ayrey calculates that tens of thousands of former employees are at risk, as are millions of SaaS software accounts.
This is based on his research, which found 116,000 website domains currently for sale from failed startups.
SOURCE : CNBC INDONESIA
