Major Cyber Attack on Qualys Cloud Computing Security Vendor

1057

A cloud computing security vendor named Qualys has made it official that its server farm was hit by a cyber attack that could have allowed hackers to access certain portion of data.

As per the sources reporting to Cybersecurity Insiders, hackers spreading Clop Ransomware could have struck the cloud service provider. However, no valid proof has emerged yet on this note, and so Qualys becoming a victim to ransomware attack is yet to be probed.

Meanwhile, all the 19,000 clients of Qualys that includes Capital One and Experian have been informed on a formal note about the cyber incident and data breach.

Prima facie has revealed that the threat actors could have infiltrated the network of Qualys through a vulnerability gained through Accellion file sharing software. No data related to customers, coding and production environment was accessed in the hack.

Cybersecurity researchers from Mandiant, a cyber arm of FireEye, were asked to investigate the incident and a technical probe is going on full swing.

Note- From the past two years, hackers have been constantly hacking cloud computing platforms as these data based service providers are proving as great data treasure troves for them to earn large on dark web. And it is already official that a file transfer appliance of Accellion became a victim of SQL Injection vulnerability propelled cyber attack that led to data compromise of a range of clients that includes Washington State Auditor office, Bombardier, Jones Day, Kroger, Allens and Steris.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security