Security Vendor Entrust: Hackers Stole ‘Some Files’ During Recent Data Breach
But Minneapolis-based company says there’s ‘no evidence’ the incident has impacted operations or the ‘security of our products and services’
Security vendor Entrust is confirming that hackers breached its network last month, accessing its systems used for internal operations and stealing some files.
Minneapolis-based Entrust, which describes itself as a global leader in identities, payments, and data protection, was mum on Tuesday about what exactly was stolen during the June 18 breach.
But it suggested in a statement to CRN that it does not believe sensitive customer data was swiped in the attack –and nor were company operations impacted.
[RELATED STORY: THE 10 BIGGEST DATA BREACHES OF 2022 (SO FAR)]
“While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate, air-gapped environments from our internal systems and are fully operational,” the company said.
“We take seriously our responsibility to protect our systems and have been engaged with our customers on the issue.”
In its statement, Entrust did say it’s been “determined that an unauthorized party accessed certain of our systems used for internal operations. We promptly began an investigation with the assistance of a leading third-party cybersecurity firm and have informed law enforcement.”
The statement issued to CRN and other media outlets on Tuesday made no mention of stolen files.
But in a July 6 memo to customers, Entrust CEO Todd Wilkinson acknowledged that “some files were taken from our internal systems.” He did not elaborate.
The July 6 memo was first reported by security researcher Dominic Alvieri, who tweeted a screenshot of the message from Wilkinson before the memo was taken down by the company.
Entrust security incident dated June 18th.— Dominic Alvieri (@AlvieriD) July 21, 2022
Entrust blog still down on your left and official statement on your right.
No one seen taking credit to date.@Entrust_Corp #cybersecurity #infosec @Cyberknow20 @GossiTheDog @campuscodi @vxunderground @FBI pic.twitter.com/m54y0x1CIJ
Even if it’s determined no sensitive data was taken and no operations disrupted, the incident is still an embarrassment to Entrust, a major security vendor with a number of past and present high-profile customers, including the U.S. Departments of Homeland Security, Treasury, Energy and other fed agencies.
The company boasts of offering a number of services and products dealing with cloud security, encryption and key management.
Earlier this month, SHI International, a major provider of IT products and services around the world, acknowledged that it suffered a “coordinated and professional malware attack” that caused a number of operational disruptions at the company.
It took more than a week for SHI to resolve the majority of its attack-related woes.
Entrust has been stressing that the June 18 intrusion has not “affected the operation or security of our products and services.”
In his July 6 memo to customers, Wilkinson stressed that Entrust will “contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organization.”
He added: “Though our investigation continues, we have no evidence of ongoing unauthorized access to our systems and are implementing additional safeguards to help enhance our security.”