Entrust digital security provider struck by a ransomware group

July 27, 2022

A digital security firm, Entrust, has admitted that it experienced a network breach that resulted in the loss of data from its internal systems.

Entrust is a security company specialising in online trust and identity management. The firm offers various services such as encrypted communications, ID issuance solutions, and secure digital payments.

This recent cybersecurity attack can potentially impact different organisations that utilise Entrust. However, some organisations might not feel the impact depending on what the attackers had stolen.

If the hackers stole specific data owned by US sectors, agencies like the Department of Homeland Security, Department of Agriculture, Department of Health & Human Services, Department of Energy, Department of Veterans Affairs, and Department of the Treasury may suffer the consequences of the ransomware attack.

 

The hackers breached Entrust as early as the last weeks of last month.

 

The hackers completed the attack against Entrust two weeks ago and stole troves of corporate data during the intrusion. However, the company did not confirm the breach until recently, and it came to light only because of a tweet published by an individual regarding an advisory from Entrust.

A separate researcher later confirmed that the cybersecurity incident was a ransomware attack from a notorious ransomware group. It is still unclear if the devices targeted in this attack were encrypted since ransomware groups commonly steal data before deploying an encryptor for double-extortion tactics.

According to the company’s spokesperson, a separate ransomware operation bought several compromised Entrust credentials from the black market and utilised them to breach the company’s internal network in this latest attack.

The spokesperson also revealed that the adversary depended on sellers of network access to gain initial access to the Entrust environment, which resulted in the encryption chain. The purchased network access also led to the exfiltration and exposure of data by a notorious ransomware gang.

Therefore, if Entrust does not pay the ransom demand, the threat actors will likely come forward, expose the stolen data, and reveal how they infiltrated the firm’s network.
