Entrust Hack Security Breach
Security giant Entrust has finally confirmed its internal IT systems were breached back in June.
Entrust is a security firm focused on online trust and identity management, offering a wide range of services, including encrypted communications, secure digital payments, and ID issuance solutions.
Hackers stole ‘some files’ security vendor Entrust admits: Data breach last month with unauthorised internal systems access confirmed.
Entrust has reluctantly admitted the databreach, resulting in the theft of essential corporate data. The breach impacts the DOJ, the DOE, and the USDT, among others major organisations.
It wasn’t until July 26th that the breach was publicly confirmed when security researcher Dominic Alvieri tweeted a screenshot of a security notice sent to Entrust’s customers.
The responsible group operation relied on the trusted network of network access sellers to obtain initial access to Entrust environment which led to the subsequent encryption and exfiltration exposure via a known ransomware group.
Whether a ransom has been paid or not is currently unknown.
The breach was discovered on June 18 and the firm started notifying customers on July 6. The reasons for the delay on notifying customers was not given. This delay could clearly put customers systems at risk and could be considered negligent.
Entrust stated “We have determined that some files were taken from our internal systems. As we continue to investigate the issue, we will contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organization.” – Entrust.