Article Details

Hacker admits to leaking stolen Supreme Court data on Instagram. A Tennessee man has pleaded guilty to hacking the U.S. Supreme Court's electronic filing system and breaching accounts at the AmeriCorps U.S. federal agency and the Department of Veterans Affairs. Federal prosecutors said that 24-year-old Nicholas Moore, of Springfield, Tennessee, had accessed the Supreme Court's restricted electronic filing system at least 25 times between August and October 2023 using stolen credentials. Additionally, he sometimes logged into the Supreme Court's systems multiple times per day using the same compromised credentials. Moore allegedly bragged about the breaches on Instagram, posting screenshots containing victims' names and filing system details from the Supreme Court account to an account named @ihackedthegovernment. "On three occasions, Moore posted screenshots to his Instagram account, @ihackedthegovernment, of his victim’s Supreme Court filing system details including the victim’s name and other information," the Justice Department said on Friday. He also used compromised MyAmeriCorps credentials to access a second victim's AmeriCorps account seven times between August and October 2023, obtaining personal information from the agency's servers (including name, date of birth, email address, home address, phone number, citizenship status, veteran status, service history, and the last four digits of his social security number), and leaking it on the same Instagram account. Moore also used stolen login credentials from a U.S. Marine Corps veteran to access the Department of Veterans Affairs' My HealtheVet online personal health record (PHR) portal on five occasions between September and October 2023. The Department of Veterans Affairs also operates the largest integrated health care system in the country, providing care at 1,380 health care facilities across the United States. "The hack allowed Moore to access the veteran's private health information including prescribed medications and other intimate data," prosecutors said in court documents. "Moore then posted the veterans' health information to @ihackedthegovernment and boasted about gaining access to the VA’s servers." Moore confessed to one count of computer fraud, a misdemeanor carrying a maximum one-year prison sentence and a $100,000 fine. 7 Security Best Practices for MCP As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe. This free cheat sheet outlines 7 best practices you can start using today.