Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

IT Management Firm LANDESK Suffers Data Breach

LANDESK, a Utah-based company that provides IT and security management services, has suffered a data breach in which employee information may have been compromised, and possibly even product source code.

LANDESK, a Utah-based company that provides IT and security management services, has suffered a data breach in which employee information may have been compromised, and possibly even product source code.

The company said it recently became aware of unusual activity on its IT systems. An investigation conducted by a forensics firm revealed that the personal details of a “few” current and former employees may have been compromised.

LANDESK’s investigation is ongoing, but the company says there is no evidence that the personal information of other employees or any customers has been exposed.

Security blogger Brian Krebs has obtained a copy of the email sent out by LANDESK to current and former employees on November 18. The email revealed that the exposed personal information includes the names and social security numbers of LANDESK employees and former employees of Wavelink, a firm acquired by LANDESK in 2012.

Krebs has learned from a LANDESK employee that the attackers might have initially gained access to the company’s network in June 2014. The employee said the attackers obtained the credentials of a developer, the global IT director, and a domain administrator from China.

The employee, who spoke on condition of anonymity, said investigators also found evidence that the hackers accessed source code and build servers, which would have serious consequences for the company and its customers.

In a statement published on Wednesday, LANDESK said this is only speculation. The company downplayed the incident and reassured customers about the security of its products.

Advertisement. Scroll to continue reading.

“We can’t comment on the specifics of the investigation, but based on the information we know so far, we have not confirmed a risk to our customers’ environments, and there are no known primary attack vectors using LANDESK software,” LANDESK said.

“Security is, and will continue to be, a high priority for LANDESK,” the company added. “Over the years LANDESK has done significant work to ensure our products are secure and safe to use. Additional security measures are added with every new release, and we encourage all customers to keep up-to-date with the latest versions of our products.”

Related Reading: User Data Accessed in Certification Management System Breach

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...