Security Giant Entrust Breached and Data Stolen

[plat]

Content source

https://www.bleepingcomputer.com/news/security/digital-security-giant-entrust-breached-by-ransomware-gang/

Approximately two weeks ago, a source told BleepingComputer that Entrust was breached on June 18th and that the hackers stole corporate data during the cyberattack.

However, it wasn't until yesterday that the breach was publicly confirmed when security researcher Dominic Alvieri tweeted a screenshot of a security notice sent to Entrust's customers on July 6th.

"I am writing to let you know that on June 18, we learned that an unauthorized party accessed certain of our systems used for internal operations. We have been working tirelessly to remediate this situation since that moment," reads a security notice from Entrust CEO Todd Wilkinson.

"The first thing I want to tell you is that, although our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services."

The security notice confirms that data was stolen from Entrust's internal systems. However, it is not known at this time if this is purely corporate data or customers' and vendors' as well.

More info about Entrust, the company. I consider this "incident" a pretty serious blow to their creds.

Entrust | Identities, secure payments, and protected data

Entrust is a trusted global leader in identity, payments, and data security solutions. Learn more about our cutting-edge solutions.

www.entrust.com

 

[Dave Russo]

I consider this "incident" a pretty serious blow to their creds.
Agreed, with their protection breeched (my guess inside job) great opportunity for rival security company's

Top Entrust Alternatives​

• Duo
• Microsoft
• RSA
• SecureAuth
• Broadcom (Symantec)
• IBM
• Ping Identity
• SecurEnvoy

 

[ScandinavianFish]

More like untrust(ed)

 

[plat]

Hmmm. Applicable to this one? Others?

Spoiler

Courtesy of @Emsisoft on Twitter.

 

[plat]

LockBit ransomware group steps up and claims responsibility.

LockBit claims ransomware attack on security giant Entrust, leaks data

The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.

www.bleepingcomputer.com

When ransomware gangs publish data on their data leak sites, they usually leak data over time to scare the victim into returning to the negotiation table.

As LockBit states that they will publish all data, it indicates that Entrust has not negotiated with the ransomware operation or refuses to give in to their demands.

BleepingComputer has reached out to Entrust for further confirmation on the LockBit attack but has not heard back at this time.

However, LockBit claiming of the attack supports what sourced had told BleepingComputer previously about who was responsible.

LockBit is considered one of the most active ransomware operations at this time, with its public-facing operation 'LockBitSupp' actively engaging with threat actors and cybersecurity researchers.

 

[plat]

It seems the LockBit sites are getting DDoS'ed following the Entrust data leak so the operators are asking for temporary housing for their Entrust data-loot.

Spoiler

 

[upnorth]

The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June. The high-profile gang is now apparently under a distributed denial-of-service (DDoS) because of it. Azim Shukuhi, a cybersecurity researcher with Cisco's Talos threat intelligence group, wrote in a tweet over the weekend that "someone is DDoSing the Lockbit blog hard right now." LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "drain the ddosers money," he wrote.

LockBit gang hit by DDoS attack after Entrust leaks

Prolific group pummeled days after claiming to be file thief behind attack on cybersecurity vendor

www.theregister.com

 

[plat]

LockBit is back with a literal vengeance! Was it ever confirmed that Entrust was behind the initial DDoS attack or is it still speculation?

LockBit ransomware gang gets aggressive with triple-extortion tactic

LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level.

www.bleepingcomputer.com

The DDoS attack last weekend that put a temporary stop to leaking Entrust data was seen as an opportunity to explore the triple extortion tactic to apply more pressure on victims to pay a ransom.

LockBitSupp said that the ransomware operator is now looking to add DDoS as an extortion tactic on top of encrypting data and leaking it.

“I am looking for dudosers [DDoSers] in the team, most likely now we will attack targets and provide triple extortion, encryption + date leak + dudos, because I have felt the power of dudos and how it invigorates and makes life more interesting,” LockBitSupp wrote in a post on a hacker forum.

The gang also promised to share over torrent 300GB of data stolen from Entrust so “the whole world will know your secrets.”

LockBit’s spokesperson said that they would share the Entrust data leak privately with anyone that contacts them before making it available over torrent.

It appears that LockBit has kept its promise and released this weekend a torrent called “entrust.com” with 343GB of files.