"Electronics firm Logitech has confirmed that it's fallen victim to a cyber attack, warning that customer and employee data has been stolen. The company that when the incident was detected it promptly took steps to investigate and respond, calling in external cybersecurity firms for help. "While the investigation is ongoing, at this time Logitech believes that the unauthorized third party used a zero-day vulnerability in a third-party software platform and copied certain data from the internal IT system," said the firm."
""The zero-day vulnerability was patched by Logitech following its release by the software platform vendor." Logitech said the exfiltrated data included 'limited' information about employees and consumers, and data relating to customers and suppliers. "Logitech does not believe any sensitive personal information, such as national ID numbers or credit card information, was housed in the impacted IT system," it said."
Logitech detected a cyberattack in September that resulted in certain data being copied from an internal IT system. The company engaged external cybersecurity firms and patched a zero-day vulnerability in a third-party software platform after the vendor released a fix. Exfiltrated material included limited employee and consumer information plus data relating to customers and suppliers; sensitive personal data such as national ID numbers or credit card information is not believed to have been housed in the impacted system. Products, business operations, and manufacturing were not affected. Logitech expects cybersecurity insurance to cover response costs and liabilities. The Clop extortion gang claimed responsibility and asserted more than a terabyte of data was stolen as part of a campaign targeting Oracle E-Business Suite customers.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]