INSUBCONTINENT EXCLUSIVE:
Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government
Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been
hacked in recent years.Kyle Schutt is a 30-something-year-old software engineer who, according to Dropsite News, gained access in February
Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and
critical infrastructure throughout the US.According to journalist Micah Lee, user names and passwords for logging in to various accounts
belonging to Schutt have been published at least four times since 2023 in logs from stealer malware
Stealer malware typically infects devices through trojanized apps, phishing, or software exploits
Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output
He might have gotten hacked years ago and the stealer log datasets were just published recently
belong to Schutt have appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned
Among the breaches that supplied the credentials is one from 2013 that pilfered password data for 3 million Adobe account holders, one in a
2016 breach that stole credentials for 164 million LinkedIn users, a 2020 breach affecting 167 million users of Gravatar, and a breach last
year of the conservative news site The Post Millennial.
