"On Nov. 22, the organization released a statement regarding the incident, revealing that "certain information" was compromised from their systems as a result. The statement read, "Corporate data associated with certain of our clients' relationship with SitusAMC such as accounting records and legal agreements has been impacted. Certain data relating to some of our clients' customers may also have been impacted. The scope, nature and extent of such impact remains under investigation by the Company and its third-party advisors." This incident occurred on Nov. 12. Upon discovery of the attack, the organization states that it began its investigation and cooperation with law enforcement officials."
"Piyush Pandey, CEO at Pathlock: This breach underscores the need for organizations to adopt an "assume breach" mindset - not only in theory but in practice, especially for those providing services to financial institutions and other critical infrastructure organizations. That means investing not just in preventive measures, but also in controls that enable rapid detection, containment, and remediation of attacks. This approach helps limit the scale of a breach and supports faster recovery."
"Dave Tyson, Chief Intelligence Officer at iCOUNTER: Third parties have always been a desirable target for cybercriminals, although as a vector in enabling targeted attacks they were rarer because they required deep knowledge of internal systems, executive profiles, business system connections, and IT infrastructure to be highly effective. Now, AI is making this level of targeting available to a much broader class of threat actors who can profile, conduct reconnaissance, and launch a sophisticated, cost-effective targeted attack with precision and speed. What was once limited by manu"
A cyberattack against SitusAMC on Nov. 12 resulted in compromise of corporate data tied to some client relationships, including accounting records and legal agreements, and potentially some customer-related data. The company reported the impact on Nov. 22 and states that the scope, nature, and extent of affected data remain under investigation with third-party advisors while cooperating with law enforcement. Security leaders warn that service providers to financial institutions must adopt an assume-breach mindset, invest in detection, containment, and remediation controls, and recognize that AI lowers barriers for attackers targeting third parties.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]