A hacker shared a long list of sensitive data belonging to 900 companies on a hacker forum whose members are particularly fond of ransomware. The list shared on the forum includes the usernames and passwords of the Pulse Secure VPN servers, as well as the IP addresses, the SSH keys of the servers, a list of local users and their passwords, VPN session cookies, as well as details regarding the administrator accounts of the 900 companies. In other words, it is particularly sensitive and complete information that has been shared on the hacker forum.
Obviously, the risks of hacking are enormous and the companies affected by this data theft have every interest in quickly patching their VPN and changing their username. According to Channel News, Pulse Secure contacted all the companies likely to be impacted by this data theft and invited them to patch their VPN.
A flaw ignored by companies
The disclosure of usernames and passwords could indeed allow hackers to infiltrate the internal networks of companies, in order to take control. They could thus block access and demand a ransom from their victims. Since the list of sensitive data has been shared on a hacker site, there is a good chance that some have already been the target of attacks.
According to the Bad Packets company, contacted by ZDNet, the loophole through which hackers infiltrated to steal all this data was reported last year. Unfortunately, few companies had bothered to patch their VPNs to address the vulnerability.
High Tech
Canon: Japanese company victim of ransomware
High Tech
Google: VPN downloaded 100 million times removed from Play Store due to security breach
- Personal data
- Phishing
- Pirate
- Password
- Hacker
- Cybercriminality
- High Tech
- Cybersecurity
- Cyber attack