25 July 2022

Digital security giant Entrust hit with ransomware


Digital security giant Entrust hit with ransomware

Entrust Group, a US-based company that offers a wide range of security services to many organizations, has reportedly suffered a ransomware attack, in which the attackers have breached the company’s internal systems and stolen corporate data.

Entrust provides identity-based security software and services in the areas of public key infrastructure (PKI), multi-factor authentication, Secure Socket Layer certificates, fraud detection, digital certificates, and mobile authentication. The company provides security services to multiple US government agencies, such as the Department of Homeland Security, the Department of Energy, the Department of the Treasury, the Department of Health & Human Services, the Department of Veterans Affairs, the Department of Agriculture, and many others.

According to a security notice Entrust sent to its customers and shared online by the security researcher Dominic Alvieri, the incident took place on June 18. So far, there has been no evidence that the attack affected the operation or security of the company’s products and services, Entrust CEO Todd Wilkinson said.

The security notice confirms that data was stolen from Entrust's internal systems, but doesn’t provide additional information about what data the hackers got access to.

AdvIntel CEO Vitali Kremez told the tech news website BleepingComputer that a well-known ransomware gang was behind the intrusion. He said that the ransomware group breached Entrust’s internal systems using compromised credentials they purchased from network access sellers.

“The responsible group operation relied on the trusted network of network access sellers to obtain initial access to Entrust environment which led to the subsequent encryption and exfiltration exposure via a known ransomware group,” Kremez said.

Currently, it’s not clear what ransomware operation is responsible for this attack.

Back to the list

Latest Posts

Bleed You campaign exploits Windows IKE RCE to deploy ransomware

Bleed You campaign exploits Windows IKE RCE to deploy ransomware

Hackers have been targeting weak or vulnerable Windows OS, Windows Servers, Windows protocols, and services.
29 November 2022
Popular TikTok “Invisible Body” challenge used to spread malware

Popular TikTok “Invisible Body” challenge used to spread malware

The malicious video reached over a million views in just a couple of days after it was posted.
29 November 2022
Meta fined €265M over a massive 2021 Facebook data leak

Meta fined €265M over a massive 2021 Facebook data leak

Since 2021, the DPC has slapped Meta, Instagram and WhatsApp with €912 million in fines for alleged violations of GDPR.
29 November 2022