August 20, 2024 at 06:50PM
Cannon Corporation, operating as CannonDesign, has notified over 13,000 clients of a data breach where hackers stole data in early 2023. The breach included unauthorized network access and data theft. Despite discovering the breach in January 2023, the investigation was completed in May 2024, revealing compromised personal information. The ransomware gang Avos Locker initially claimed responsibility, followed by Dunghill Leaks publishing stolen data.
Based on the meeting notes, it seems that Cannon Corporation, operating as CannonDesign, experienced a significant data breach resulting from an Avos Locker ransomware attack. The breach, which occurred between January 19-25, 2023, was only discovered by the firm on January 25, 2023. The subsequent investigation, which concluded on May 3, 2024, revealed that the threat actor may have accessed sensitive personal information, such as names, addresses, social security numbers, and driver’s license numbers.
CannonDesign has taken steps to notify and support impacted individuals, offering them 24-month credit monitoring through Experian. Despite claims that the stolen data has been published online multiple times, the firm is not aware of any attempted misuse of the information. It also seems that the original breach announcement by Avos Locker, followed by the release of stolen data by Dunghill Leaks, has led to the circulation of the dataset across various platforms, including hacker forums and the dark web.
This breach has raised concerns about the security and privacy of CannonDesign’s corporate and client files, as well as other sensitive information. It will be essential for the company to implement robust security measures and address any vulnerabilities to safeguard against future cyber threats and protect the integrity of its data and that of its clients.