Frost & Sullivan employee, customer data for sale on dark web

A group is hawking records of more than 12,000 Frost & Sullivan’s employees and customers on a hacker folder.

“The breach occurred to a misconfigured backup directory on one of Frost and Sullivan public-facing servers,” Cyble CEO Beenu Arora said in a BleepingComputer report. “The backup directory had its employees and customers records, along with other confidential information.”

The KelvinSecurity Team said they put the information – which includes names, email addresses, company contacts, login names and hashed passwords – for sale in a hacking forum to sound the “alarm” after Frost & Sullivan didn’t respond to the group’s attempt to alert it to the exposed database.

“As some hashed passwords can be easily deciphered, cybercriminals can use this information to log in to Frost & Sullivan’s database as the employee, gaining access to client personal information and other employee details,” said Jumio CEO Robert Prigge. “As enterprises across all industries have trusted Frost & Sullivan for over 60 years, the company has a responsibility to keep customer and employee data safe, as do all companies with a digital presence.”

Ben Goodman, senior vice president of global business and corporate development at ForgeRock, called for organizations to “end the need for usernames and passwords during the login experience” to prevent breached login credentials from being used for credential stuffing attacks or targeted account hijacking.”

This article originally appeared in SCMagazine.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Previous Article

Belgium-based ethical hacking platform Intigriti raises €4 million

Next Article
email opt-in

Not Everyone Wants Your Email

Related Posts

Subscribe to TheCustomer Report

Customer Enlightenment Delivered Daily.

    Get the latest insights, tips, and technologies to help you build and protect your customer estate.