[BreachExchange] Pitney Bowes Suffered Second Ransomware Attack Within A Year
Destry Winant
destry at riskbasedsecurity.com
Tue May 19 09:59:31 EDT 2020
https://latesthackingnews.com/2020/05/17/pitney-bowes-suffered-second-ransomware-attack-within-a-year/
As the world is in a standstill and people are relying more on
delivery services, the threat actors are targeting this niche now.
However, the recent victim, Pitney Bowes, isn’t a new one. Rather this
is the second ransomware attack on Pitney Bowes in less than a year.
Pitney Bowes Second Ransomware Attack
Reportedly, the technology giant Pitney Bowes has suffered a cyber
attack once again. Pitney Bowes manages package and mail delivery, and
other e-commerce related services, predominantly in the United States.
According to ZDNet, the company has recently suffered a second
ransomware attack.
The news surfaced online after the potential threat actors behind this
incident, the Maze ransomware gang, hinted of it. Disclosing the
matter via a blog post, they shared screenshots of directory listings
that possibly belonged to the firm’s network.
However, details about the extent of data breached, the demand for
ransom, and other issues aren’t available yet.
No Disclosure, But ‘Investigations Underway’
Upon noticing the screenshots, ZDNet reached out to the firm to
confirm the matter.
In response, their spokesperson confirmed the security incident with
the following statement. Yet, this time, either they are trying to
downplay the incident, or the matter really isn’t that serious.
"Recently, we detected a security incident related to Maze ransomware.
We are investigating the scope of the attack, specifically the type of
data that had been accessed, which appears to be limited. At this
point, there is no evidence of further unauthorised access to our IT
systems."
However, Pitney Bowes hasn’t mentioned anything in this regard on
their website or social media profiles.
This is in contrast to the first ransomware attack that took place in
October 2019. At that time, they not only disclosed the incident
officially. Rather they also set up a dedicated status page for
continuous updates. Though, that time, the attackers were different –
the Ryuk ransomware gang, as confirmed by the company.
Nevertheless, the spokesperson has assured that they are investigating
the matter. So, let’s wait if they disclose the matter publicly after
reaching a conclusion.
For now, one thing is clear – the firm has been a victim of two
different ransomware within a year. This certainly indicates the level
of security and vulnerability of the firm’s network.
More information about the BreachExchange
mailing list