June 11, 2024 at 12:39PM
BlackBerry’s cybersecurity firm Cylance confirmed that the data being sold on the Dark Web doesn’t pose a threat to customers. They believe the information is related to marketing data before BlackBerry’s acquisition, and it came from an undisclosed third-party platform. Cylance also stated that their systems remain secure. The validity of the cybercriminals’ claims remains questionable.
From the meeting notes, the key points to consider are:
1. Cylance claims that the data being sold on the ‘Dark Web’ doesn’t endanger customers and is related to company marketing between 2015 and 2018. They assert that BlackBerry Cylance systems and products remain secure.
2. The data being sold includes customer and employee emails, personal information, and other internal documents. The alias selling Cylance’s data is “Sp1d3r”, and it is reportedly being sold for $750,000.
3. Cylance has confirmed that it is not a Snowflake customer, despite data also being sold allegedly belonging to Advanced Auto Parts and QuoteWizard, both of which are rumored to be linked to the ongoing breaches of Snowflake customers.
4. Incident response experts at Mandiant released a report looking at Snowflake victims, saying it believes the number of compromised organizations stands at 165. They identified the activity as linked to a group it tracks as UNC5537.
5. The credentials used in account compromises were valid and appear to have been aggregated from various infostealers dating back to 2020, suggesting that some victims weren’t rotating their credentials for years.
6. The data auctioned may not be fully reliable, as recent cases have shown exaggerated claims from cybercriminals, with RansomHub’s inflated numbers being an example cited.
These takeaways provide a summary of the meeting notes, focusing on the salient information pertaining to the data breach and the entities involved. Let me know if there’s anything else you need to highlight or further analyze.