Security vendor Entrust has confirmed that hackers breached its network last month, accessing its systems used for internal operations and stealing some files.
Entrust is based in Minneapolis, United States, and has offices around the world, including in New Zealand.
The company which describes itself as a global leader in identities, payments, and data protection, was mum about what exactly was stolen during the June 18 breach.
But it suggested in a statement to CRN that it does not believe sensitive customer data was swiped in the attack –and nor were company operations impacted.
“While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate, air-gapped environments from our internal systems and are fully operational,” the company said.
“We take seriously our responsibility to protect our systems and have been engaged with our customers on the issue.”
In its statement, Entrust did say it’s been “determined that an unauthorized party accessed certain of our systems used for internal operations.
We promptly began an investigation with the assistance of a leading third-party cybersecurity firm and have informed law enforcement.”
The statement issued to CRN and other media outlets made no mention of stolen files.
But in a July 6 memo to customers, Entrust chief executive Todd Wilkinson acknowledged that “some files were taken from our internal systems.”
He did not elaborate further.
The July 6 memo was first reported by security researcher Dominic Alvieri, who tweeted a screenshot of the message from Wilkinson before the memo was taken down by the company.
Entrust security incident dated June 18th.— Dominic Alvieri (@AlvieriD) July 21, 2022
Entrust blog still down on your left and official statement on your right.
No one seen taking credit to date.@Entrust_Corp #cybersecurity #infosec @Cyberknow20 @GossiTheDog @campuscodi @vxunderground @FBI pic.twitter.com/m54y0x1CIJ
Even if it’s determined no sensitive data was taken and no operations disrupted, the incident is still an embarrassment to Entrust, a major security vendor with a number of past and present high-profile customers, including the US Departments of Homeland Security, Treasury, Energy and other federal agencies.
The company boasts of offering a number of services and products dealing with cloud security, encryption and key management.
Entrust is just the latest cybersecurity-related company to get hit by a cyber-attack, with past incidents involving well-known firms such as Accenture and Kaseya.
Earlier this month, SHI International, a major provider of IT products and services around the world, acknowledged that it suffered a “coordinated and professional malware attack” that caused a number of operational disruptions at the company.
It took more than a week for SHI to resolve the majority of its attack-related woes.
Entrust has been stressing that the June 18 intrusion has not “affected the operation or security of our products and services.”
In his July 6 memo to customers, Wilkinson stressed that Entrust will “contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organisation.”
He added: “Though our investigation continues, we have no evidence of ongoing unauthorised access to our systems and are implementing additional safeguards to help enhance our security.”