On Wednesday 6th of July 2022, Entrust, a digital security giant confirmed that it experienced a cyberattack that occurred on Saturday 18th of June 2022, where threat actors breached their network and stole corporate data from internal systems. The confirmation of the incident was announced to Entrust’s customers via a security notice. The customers who could be affected by the incident include US government agencies, such as the Department of Energy, Department of Homeland Security, the Department of the Treasury, the Department of Health & Human Services, the Department of Veterans Affairs, and the Department of Agriculture.
“I am writing to let you know that on June 18, we learned that an unauthorized party accessed certain of our systems used for internal operations. We have been working tirelessly to remediate this situation since that moment,” – Todd Wilkinson, Entrust CEO.
The security notice stated that Entrust had started an investigation with a leading cybersecurity firm and law enforcement into the incident and at this current time, the investigation has found no indication that the incident has affected the operation or security of Entrust’s products and services. The security notice also confirmed that data was stolen although it is not known yet if the stolen data is made up of purely corporate data or customers’ and vendors’ as well.
“While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate, air-gapped environments from our internal systems and are fully operational,” – Entrust.
Even though Entrust hasn’t shared any further details regarding the incident, sources have learned that a well-known ransomware gang is behind the attack. Furthermore, AdvIntel CEO, Vitali Kremez has stated that a ransomware operation had purchased compromised Entrust credentials and used them to breach their internal network.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.