Security company Cylance says it has been hacked and its data put up for sale online
Cybersecurity firm Cylance has confirmed it has been the victim of a cyberattack and says the data being sold on the dark web is legitimate.
Reporting on the news, BleepingComputer said the company lost 34 million emails and other personally identifiable information (PII) from customers, employees and partners alike.
This database is now being sold for $750,000, with the seller going by the name Sp1d3r, apparently the same person who recently broke in and stole sensitive information from Advance Auto Parts. The hacker sold this database with 380 million customer profiles for $1.5 million.
Old data
Advance Auto Parts is one of many victims breached through Snowflake, a major cloud service provider.
However, in a statement to BleepingComputerBlackBerry Cylance said the breach is not related to Snowflake and that the data being sold now is relatively old. BlackBerry Cylance said it was “aware and investigating” the dark web claims, before adding that “no BlackBerry data and systems relating to (..) customers, products and operations are at risk brought.”
“Based on our initial reviews of the data in question, there is no impact to current Cylance customers and no sensitive information is involved,” the company added.
“The data in question is accessed through a third-party platform unrelated to BlackBerry and appears to originate from 2015-2018, prior to BlackBerry’s acquisition of the Cylance product portfolio.”
“BlackBerry Cylance is not a Snowflake customer,” the company said.
Once a giant in consumer mobile technology, BlackBerry at one point sold more than 50 million devices. However, like Nokia, the company did not adapt well to the increasingly popular Android and iPhone devices, causing it to slowly fade into obscurity. In 2016, the company stopped making phones and focused on enterprise services and, more specifically, cybersecurity. In 2019, the company made its largest acquisition to date, spending $1.4 billion on Cylance.