Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

US security vendor’s customer data allegedly stolen in June hack

Cyber security company Entrust has disclosed it was hit by a cyber attack in June, where customers’ data was reportedly compromised.

user icon
Thu, 28 Jul 2022
US security vendor’s customer data allegedly stolen in June hack
expand image

Based in Minneapolis, US, the cyber security vendor confirmed that it had been hacked on 18 June by an "unauthorised party". In an interview with TechCrunch, an Entrust spokesperson confirmed that the hackers got into parts of their systems used for internal operations last month.

In a statement commenting on the breach, Ken Kadet, vice president of communications at Entrust, confirmed that an investigation was promptly conducted.

"While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate, air-gapped environments from our internal systems and are fully operational.

============
============

"We promptly began an investigation with the assistance of a leading third-party cyber security firm and have informed law enforcement," Kadet stated.

Entrust has listed 10,000 customers, including a number of US government agencies like the Department of Homeland Security, the Treasury and software giants like Microsoft on its website to name a few well-known brands.

Dominic Alvieri, a cyber security researcher acquired a 6 July notice sent to Entrust customers and posted it on Twitter.

In the notice, Entrust CEO Todd Wilkinson has assured customers that the cyber security vendor will notify customers once the investigation uncovers more information. Wilkinson also stated that "some files were taken from our internal systems", disclosing the hack's impact.

"As we continue to investigate the issue, we will contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organisation,” Wilkinson added in his note to customers.


Entrust declined to confirm if the intrusion was related to ransomware and refused to comment what had been stolen or reveal what kind of data was stolen in the TechCrunch interview.

So far, no ransomware gang has yet claimed responsibility for the hack.

[Related: No to ransomware: How 1.5 m people avoided extortion with free decrypting tools]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.