The legitimacy of data for sale on the dark web confirmed by Cylance
June 11, 2024
An individual posing as a threat actor offers the data from BlackBerry’s Cylance cybersecurity unit for sale, demanding $750,000.
Identified as Sp1d3r, the threat actor is marketing the stolen data for $750,000. The dataset comprises 34 million customer and employee email addresses, customer/prospect information and PII, organization product usage details, sales prospect lists with activity status, Cylance partners and user lists.
BlackBerry has informed various media outlets that they are investigating the potential data breach.
The company has stated that the data was compromised from a third-party platform and seems to be outdated.
After conducting preliminary assessments on the data at hand, BlackBerry explained to SecurityWeek that, “No current Cylance customers are impacted, and there is no sensitive information involved. The breached data was accessed through an unrelated third-party platform, not associated with BlackBerry, and dates back to the period of 2015-2018, which preceded BlackBerry’s acquisition of the Cylance product portfolio.”
Furthermore, they added, “We are closely monitoring the situation and will implement all essential measures to uphold the integrity of our products and systems, and the confidence of our clientele.”
Although some experts speculate that the attackers may have obtained the data from the cloud service Snowflake, Cylance has clarified that they are presently not utilizing Snowflake.
Connect with me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
About Author
