- Logitech confirms data breach via SEC filing, citing a zero-day in third-party software as the entry point
- Cl0p ransomware gang claims responsibility and claims theft of 1.8TB of corporate data
- Stolen data may include limited employee, consumer and supplier information; investigation is underway
Logitech was recently hit by a data breach where hackers got away with sensitive company data – but how many people are affected and what kind of data was taken is yet to be seen.
Logitech filed a new 8-K form with the US Securities and Exchange Commission (SEC) to notify the agency of the hit, noting that the unnamed crooks used a zero-day vulnerability in one of the third-party software it used to break into.
“Logitech believes that the unauthorized third party exploited a zero-day vulnerability in a third-party software platform and copied certain data from the internal IT system,” the form states.
Cl0p strikes again
“The zero-day vulnerability was fixed by Logitech after its release by the software platform vendor,” it added, seeking to minimize its responsibility for the attack, saying it did the responsible thing and patched the software as soon as the fix was available.
Why the villains were able to extract the files, especially without being detected, was not discussed in the scheme.
Logitech then explained that the investigation is still ongoing, but added that the stolen data “likely included limited employee and consumer information and data related to customers and suppliers.”
Sensitive personal data, such as national ID numbers or credit card details, were most likely not stolen as they were not stored in the compromised IT system.
Logitech reportedly only confirmed the breach after its name appeared on Cl0p’s data leak site. Cl0p is a notorious ransomware actor who discovered a zero-day vulnerability in Oracle’s E-Business Suite and used it to target hundreds of companies and exfiltrate terabytes of data.
The group now says it pulled nearly 1.8TB of data from Logitech, but we don’t know how much money it asked for in exchange.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
