JULY 2025 INSIDER THREAT INCIDENTS REPORT
Produced Monthly By:
National Insider Threat Special Interest Group (NITSIG)
Insider Threat Defense Group
West Palm Beach, Florida, August 6, 2025
Many organizations are only focusing on EXTERNAL THREATS from CYBER CRIMINALS. But lurking behind the firewalls of many organizations are INTERNAL THREATS that can many times be more damaging then EXTERNAL THREATS.
While network intrusions and ransomware attacks can be very costly and damaging, so can the actions of employees’ who are negligent, malicious or opportunists as referenced in this months report. There continues to be a drastic increase in financial fraud, embezzlement, contracting fraud, bribery and kickbacks.
Some organizations invest thousands of dollars in securing their data, computers and networks against Insider Threats, from primarily a technical perspective, using Network Security Tools or Insider Threat Detection Tools. But the Insider Threat problem is not just a technical problem. If you read any of these monthly reports, you might have a different perspective on Insider Threats.
The financial damages from Insider Threat incidents are usually into the MILLIONS, and sometimes into the BILLIONS. Other impacts from an incident can be legal problems for an organization, compliance and liability fines, stock price reduction, employees’ lose jobs or a company could go out out of business.
To combat the problems caused by employees, many organizations have implemented Insider Risk Management (IRM) Programs. A IRM Program is critical for protecting an organization’s assets. (Facilities, Financial Assets, Employees, Data, Computer Systems – Networks)
EXAMPLES FROM REPORT / (STP = Sentenced To Prison)
Sports Store Employee Charged For Setting Fire To Store Causing $44 Million In Damages
National Health Care $14.6 BILLION+ Fraud Takedown / Results In 324 Defendants Charged / Includes 96 Doctors, Nurse Practitioners, Pharmacists & Other Licensed Medical Professionals
Justice Department Announces Coordinated, Nationwide Actions To Combat North Korean Remote Information Technology Fraudulent Workers Schemes
U.S. Air Force Employee Pleads To Disclosing Classified Information On Dating Platform
U.S. Army Soldier Pleads Guilty To $1 Million Hacking And Extortion Scheme Involving Telecommunications Companies
Department Of Veterans Affairs Employee STP For $565,000+ Fraudulent Invoices And Shell Company Scheme
FBI Procurement Official Pleads Guilty To Bid-Rigging Scheme Involving Sister To Obtain $350,000 In Electronics Contracts
Former Amtrak Employee STP For $998,000+ Million COVID Jobless Benefits Fraud Scheme With Husband
8 Individuals From China & Taiwan Involved In IT Fraudulent Workers Scheme To Obtain Remote Jobs At 100+ U.S. Companies / Caused $3 Million In Damages
4 North Koreans Charged For Fraudulent IT Workers Scheme To Infiltrate American Companies / Stole Nearly $1 Million From Company
Employee Who Sold Login Credentials To Hackers Leads To $140 Million Theft From Brazilian Banks
Disgruntled IT Worker STP For Cyber Attack Against Employer After Being Suspended From Work / Caused $270,00+ In Damages
Fired Information Technology Employee Arrested For Launching Cyber Attack Against Former Employer That Deleted & Altered Data
Company Awarded $59 Million For Trade Secret Theft By Vice President
Bank Contractor STP Prison For Role In $8 Million Debit Card Fraud Scheme
Bank Employee Arrested For Role In Obtaining $2.7 Million In COVID Business Relief Funds Scheme / Used Funds For Gambling, Luxury Cars, Jewelry, Etc.
Bank Employee Charged For Role In Illegally Accessing Customer Accounts And Stealing $477,000+
Company Bookkeeper STP For Embezzling $300,000 From Employer For 7+ Years / Used Funds For Cruises, Vacations, College Tuition Fees, Etc
Credit Union Branch Manager STP For Embezzling $330,000+ / Used Funds For Personal Gain
Company Personnel Director STP For Embezzling $500,000+ / Used Funds To Pay For Debts, Gambling, Vacations, Etc.
And Many More…
Download Report / No Registration Required
https://nationalinsiderthreatsig.org/pdfs/insider-threat-threats-incidents-report-disgruntled-malicious-employees%207-31-25.pdf
Previous Reports
https://nationalinsiderthreatsig.org/nitsig-insiderthreatreportssurveys.html
Or Use This Link
www.insiderthreatincidents.com
How To Receive Reports Via E-Mail
If you would like to receive the monthly Insider Threat Incidents Reports, please send an e-mail to: [email protected] to be added to the distribution list.
IRM PROGRAM TRAINING COURSES OFFERED BY THE INSIDER THREAT DEFENSE GROUP
If your organization is interested in establishing or optimizing an IRM Program, the training courses listed below will provide the core / advanced knowledge, skills and resources required.
Even our most experienced students that have attend our training training courses, or taken other IRM Program training courses, state that they are amazed at the depth of the training content and the resources provided, and are very happy they took the training and learned some new concepts and techniques for IRM. Our students have endorsed and given our training courses EXCEPTIONAL reviews. We encourage you to read the feedback from our students on this link.
IRM Program Evaluation & Optimization Training Course ***
Airbus U.S Space & Defense / NASA Kennedy Space Center Florida
September 15-16, 2025
Insider Threat Investigations & Analysis Training Course With Legal Guidance From Attorney
October 1-2, 2025 (Classroom – Virtual)
Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland
IRM Program Evaluation & Optimization Training Course ***
University El Paso, Texas
October 27-28, 2025
Complete Details / Registration Located Under Upcoming Training Classes
*** Special Pricing For Insider Threat Awareness Month (September)
https://www.insiderthreatdefense.us/insider-threat-defense-group-training/
Contact Information For Questions
Jim Henderson, CISSP, CCISO
Founder / Chairman Of The National Insider Threat Special Interest Group
Insider Threat Researcher / Speaker
FBI InfraGard Member
[email protected]
www.nationalinsiderthreatsig.org
561-809-6800
CEO Insider Threat Defense Group, Inc.
Insider Risk Management Program (IRMP) Training Course Instructor / Consultant
Insider Threat Investigations & Analysis Training Course Instructor / Analyst
Insider Risk / Threat Vulnerability Assessor
[email protected]
www.insiderthreatdefensegroup.com
LinkedIn Company Profile: https://www.linkedin.com/in/insiderthreatdefense
Follow Us On X / Twitter: @InsiderThreatDG
