IT security giant Entrust says it is investigating suspected data breach in June

Identity management giant Entrust said it was still investigating an alleged ransomware attack that took place in June.

In a statement to The Record, Entrust vice president of communications Ken Kadet said an “unauthorized party” was able to gain access to parts of its system that are used for internal company operations. June 18.

“We quickly opened an investigation with the help of a leading third-party cybersecurity company and notified law enforcement,” Kadet said.

“While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which run in separate and isolated environments from our internal systems and are fully operational.”

Kadet declined to answer questions about whether the company suffered a ransomware attack or had data stolen.

But he confirmed that the company has been in contact with some of its customers, including Microsoft, Mastercard, Visa and Square, as well as government agencies such as the Department of Homeland Security, the Treasury Department, the Department of health. & Human Services, the Department of Veterans Affairs, the Department of Agriculture, and the Department of Energy.

Rumors of the attack on Entrust began to emerge last week, when cybersecurity researcher Dominic Alvieri shared a message the company’s CEO emailed customers on July 6 explaining that while the operation and security of their products were not affected by the attack, some files were seized in the incident.

The message sent by Entrust to its customers. (Credit: Dominic Alvieri)

A day later, AdvIntel CEO Vitali Kremez told BleepingComputer that a ransomware group “bought compromised Entrust credentials and used them to breach their internal network.”

Kremez did not specify which group was responsible, and no group has come forward to take credit for the attack.

Yelisey Boguslavskiy, head of threat research at security firm AdvIntel, later told Tech Monitor that “the group behind it is a top player, most likely operationally close and identical to teams like Cl0p, BlackCat, and most importantly, the infiltration of Evil Corp. teams.”

Entrust provides security services and identity management tools to large organizations in the financial, healthcare and government sectors.

Jonathan has worked around the world as a journalist since 2014. Before returning to New York, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Comments are closed.