Security Experts:

Pitney Bowes Operations Disrupted by Ransomware Attack

Global shipping and ecommerce giant Pitney Bowes on Monday informed customers that some of its services are unavailable due to a piece of ransomware infecting some systems.

Pitney Bowes provides a wide range of commerce solutions, including shipping, ecommerce, customer information and engagement software, location data, presort services, and financing. Its services are used by 90 percent of Fortune 500 companies.

The company revealed on Monday that a piece of ransomware has encrypted files on some of its systems, making certain services inaccessible to users. However, the firm says there is no evidence that the attackers gained access to customer or employee data.

“Our technical team is working to restore the affected systems, and it is working closely with third-party consultants to address this matter. We are considering all options to expedite this process and we appreciate our customers’ patience as we work toward a resolution,” Pitney Bowes said.

According to the company, the incident has impacted its mailing system products, Your Account services, the supplies web store, Software and Data Marketplace downloads, along with Presort and some other commerce services.

As previous incidents have shown, ransomware attacks can have a significant financial impact on an organization. In the case of Norwegian aluminum giant Norsk Hydro, for instance, the company expects losses to total tens of millions of dollars.

“Costs related to this cyber incident could go up rapidly for Pitney Bowes: third-party forensic experts, breach notification, loss of revenue, lawsuits and much more,” Rajeev Gupta, co-founder and chief product officer at Cowbell Cyber, told SecurityWeek. “Cyber security insurance can help immediately, especially if the cyber policy is up to date with the number of records to be covered. This is why continuous underwriting of cyber policies can eliminate any insurability gaps.”

As for how the ransomware made its way onto Pitney Bowes systems, some experts believe the attackers used a phishing email or exploited unpatched software.

“Phishing is involved in 70% to 90% of all successful breaches and unpatched software is involved for 20% to 40% attacks,” Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, said via email. “Any single other root cause you can think of accounts for less than 1% of the risk. Every other risk added up all together equates to less than 10% of the risk in most organizations.”

Grimes added, “Phishing and unpatched software have been responsible for the greatest number of attacks for over three decades, and it’s not going to change as long as people aren’t paying attention to the right things. Hackers will keep using phishing and attacking unpatched software for as long as it is working, and as the latest attack against Pitney Bowes shows, it’s working just fine.”

Related: Shipping Giant COSCO Hit by Ransomware

Related: FedEx May Have Permanently Lost Data Encrypted by NotPetya

Related: Malware Attack Disrupts Merck's Worldwide Operations

Related: Maersk Reinstalled 50,000 Computers After NotPetya Attack

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.