LANDESK, a Utah-based company that provides IT and security management services, has suffered a data breach in which employee information may have been compromised, and possibly even product source code.
The company said it recently became aware of unusual activity on its IT systems. An investigation conducted by a forensics firm revealed that the personal details of a “few” current and former employees may have been compromised.
LANDESK’s investigation is ongoing, but the company says there is no evidence that the personal information of other employees or any customers has been exposed.
Security blogger Brian Krebs has obtained a copy of the email sent out by LANDESK to current and former employees on November 18. The email revealed that the exposed personal information includes the names and social security numbers of LANDESK employees and former employees of Wavelink, a firm acquired by LANDESK in 2012.
Krebs has learned from a LANDESK employee that the attackers might have initially gained access to the company’s network in June 2014. The employee said the attackers obtained the credentials of a developer, the global IT director, and a domain administrator from China.
The employee, who spoke on condition of anonymity, said investigators also found evidence that the hackers accessed source code and build servers, which would have serious consequences for the company and its customers.
In a statement published on Wednesday, LANDESK said this is only speculation. The company downplayed the incident and reassured customers about the security of its products.
“We can’t comment on the specifics of the investigation, but based on the information we know so far, we have not confirmed a risk to our customers’ environments, and there are no known primary attack vectors using LANDESK software,” LANDESK said.
“Security is, and will continue to be, a high priority for LANDESK,” the company added. “Over the years LANDESK has done significant work to ensure our products are secure and safe to use. Additional security measures are added with every new release, and we encourage all customers to keep up-to-date with the latest versions of our products.”
Related Reading: User Data Accessed in Certification Management System Breach
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
