June 11, 2024 at 09:03AM
BlackBerry is investigating a potential data breach involving Cylance data being sold on the dark web. The company states that the data appears to be old and not from their own systems. No current Cylance customers seem to be affected, and the data was accessed from a third-party platform unrelated to BlackBerry. The incident is being closely monitored.
Key takeaways from the meeting notes:
1. BlackBerry is investigating the sale of Cylance data on the dark web, indicating that the data appears outdated and does not seem to originate from its own systems.
2. The cybercriminals are claiming to possess a large volume of customer and employee emails, including personally identifiable information and sales prospects, allegedly belonging to BlackBerry’s Cylance cybersecurity unit.
3. BlackBerry has responded, stating that there is no evidence of current Cylance customers being impacted, and the accessed data appears to be from 2015-2018, predating their acquisition of the Cylance product portfolio.
4. Emsisoft threat analyst Brett Callow noted that the Cylance data may have been obtained as a result of a campaign targeting customers of cloud data platform Snowflake, which has impacted numerous high-profile organizations.
5. Mandiant reported that roughly 165 organizations have been affected by the campaign targeting Snowflake customers, with stolen credentials being leveraged to target cloud storage.
6. There is no evidence of vulnerabilities in Snowflake systems or products, or that the vendor’s production or corporate systems have been compromised.
These points summarize the noteworthy information from the meeting notes related to the BlackBerry investigation and the broader context of campaigns targeting cloud data platform Snowflake and the impact on various organizations.