Security Experts:

IT Management Firm LANDESK Suffers Data Breach

LANDESK, a Utah-based company that provides IT and security management services, has suffered a data breach in which employee information may have been compromised, and possibly even product source code.

The company said it recently became aware of unusual activity on its IT systems. An investigation conducted by a forensics firm revealed that the personal details of a “few” current and former employees may have been compromised.

LANDESK’s investigation is ongoing, but the company says there is no evidence that the personal information of other employees or any customers has been exposed.

Security blogger Brian Krebs has obtained a copy of the email sent out by LANDESK to current and former employees on November 18. The email revealed that the exposed personal information includes the names and social security numbers of LANDESK employees and former employees of Wavelink, a firm acquired by LANDESK in 2012.

Krebs has learned from a LANDESK employee that the attackers might have initially gained access to the company’s network in June 2014. The employee said the attackers obtained the credentials of a developer, the global IT director, and a domain administrator from China.

The employee, who spoke on condition of anonymity, said investigators also found evidence that the hackers accessed source code and build servers, which would have serious consequences for the company and its customers.

In a statement published on Wednesday, LANDESK said this is only speculation. The company downplayed the incident and reassured customers about the security of its products.

“We can’t comment on the specifics of the investigation, but based on the information we know so far, we have not confirmed a risk to our customers’ environments, and there are no known primary attack vectors using LANDESK software,” LANDESK said.

“Security is, and will continue to be, a high priority for LANDESK,” the company added. “Over the years LANDESK has done significant work to ensure our products are secure and safe to use. Additional security measures are added with every new release, and we encourage all customers to keep up-to-date with the latest versions of our products.”

Related Reading: User Data Accessed in Certification Management System Breach

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.