- Logitech confirms data breach via SEC filing, citing zero-day in third-party software as entry point
- Cl0p ransomware gang claims responsibility, alleging theft of 1.8TB of corporate data
- Stolen data may include limited information about employees, consumers and suppliers; the investigation is ongoing
Logitech was recently hit by a data breach that saw hackers take the company’s sensitive data – but it’s still unclear how many people are affected and what type of data was recovered.
Logitech filed a new Form 8-K with the U.S. Securities and Exchange Commission (SEC) to notify the agency of the attack, noting that the anonymous crooks used a zero-day vulnerability in one of the third-party software they used to break in.
“Logitech believes that the unauthorized third party used a zero-day vulnerability in a third-party software platform and copied certain data from the internal computer system,” the form states.
Cl0p strikes again
“The zero-day vulnerability was patched by Logitech after it was released by the software platform provider,” it added, seeking to downplay its responsibility for the attack, saying it acted responsibly and patched the software as soon as the patch was available.
Why the scammers were able to extract the files, especially without being detected, was not addressed in the form.
Logitech later explained that the investigation was still ongoing, but added that the stolen data “likely included limited employee and consumer information as well as customer and supplier data.”
Sensitive personal information, such as national identity numbers or credit card information, was likely not stolen because it was not stored in the compromised computer system.
Logitech reportedly only confirmed the breach after its name appeared on the Cl0p data leak site. Cl0p is a notorious ransomware actor, who discovered a zero-day vulnerability in Oracle’s E-Business suite and used it to target hundreds of companies and exfiltrate terabytes of data.
The group now claims to have extracted almost 1.8TB of data from Logitech, but it is unclear how much money it asked for in return.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
