May 8, 2024 at 08:37PM
Zscaler discovered a breached “test” environment, after rumors surfaced of a threat actor selling access to the company’s systems. Zscaler confirmed the test environment was not linked to their infrastructure and took it offline for analysis, assuring no impact on their customer or production environments. The incident was associated with a post by IntelBroker on Breached Forums.
Based on the meeting notes, the key takeaways are:
1. Zscaler confirmed that an isolated test environment exposed to the internet was discovered and subsequently taken offline for forensic analysis. However, they emphasized that no customer, company, or production environments were affected by the incident.
2. The rumors about a threat actor selling access to a cybersecurity company with a revenue of $1.8 billion, claimed to be Zscaler, circulated after a forum post by IntelBroker on Breach Forums. IntelBroker has a history of being responsible for breaches in other companies such as DC Health Link, Acuity, Home Depot, and Weee!.
3. The screenshot shared with BleepingComputer showing the threat actor claiming to have breached Zscaler further added to the speculation.
4. BleepingComputer attempted to contact Zscaler for further information but did not receive a response at the time of publication.