Cybersecurity Company Extorted Its Clients, Says Whistleblower

Richard Wallace used to be an investigator for Tiversa, a cybersecurity company that sells services like "breach protection" and "incident response." These days, Wallace is testifying in federal court that Tiversa faked breaches to encourage sales, and extorted clients that weren't interested. For example, Wallace said Tiversa targeted a cancer testing center called LabMD in 2010, tapping into their computers and downloading medical records. Tiversa then used those records as evidence to convince LabMD they had been hacked, offering its "incident response" service at the same time. LabMD didn't fall for it, so Tiversa told the FTC about the "hack." The FTC, none-the-wiser, went after LabMD in court, eventually destroying the business. Wallace has also cast suspicion on reports Tiversa has issued, including one saying President Obama's helicopter blueprints were found on Iranian computers.