BlackBerry-owned cybersecurity firm Cylance recently confirmed a data breach after reports of customer information appearing for sale on a hacking forum. While Cylance has clarified some details, the source of the leaked data remains shrouded in mystery.
What We Know:
- Data Breach Confirmed: Cylance acknowledges a data breach involving some customer information.
- Information Potentially Exposed: The leaked data might include names, addresses, email addresses, phone numbers, and unique Tile device identifiers for some Cylance customers, partners, and employees.
- Old Marketing Data Claimed: Cylance claims the leaked information appears to be old marketing data from 2015-2018, predating their acquisition by BlackBerry.
What We Don’t Know:
- Source of the Leak: Cylance hasn’t disclosed how the attackers gained access to the leaked data. They deny being a Snowflake customer, previously rumored to be a target of cyberattacks.
- Full Extent of the Breach: The exact nature and scope of the data leak remain unclear.
What Cylance is Doing:
- Investigation: Cylance is working with cybersecurity experts to investigate the breach and determine the source and extent of the leak.
- Customer Notification: Cylance is contacting impacted customers via email to inform them about the breach and the potential risks.
- Security Measures: Cylance assures customers that their current systems and products are secure.
What You Can Do:
- Change Your Password: If you’re a Cylance customer, update your password immediately and consider enabling two-factor authentication.
- Monitor Accounts: Be vigilant for any suspicious activity on your email or financial accounts. Consider placing a temporary fraud alert on your credit report.
- Stay Informed: Keep an eye on Cylance’s official channels for updates on the investigation and any further recommendations.
Lingering Concerns:
While Cylance claims the leaked data is old and not a security risk to current systems, the lack of transparency regarding the source of the leak raises concerns:
- Potential System Vulnerability: If the breach originated from a Cylance system, it raises questions about the security of their current infrastructure.
- Accountability and Trust: The lack of clarity regarding the source of the leak can erode customer trust in Cylance’s ability to protect their data.
Looking Ahead:
Cylance needs to be more forthcoming about the source of the leak to regain customer trust. A thorough investigation and a clear explanation are crucial to move forward. This incident highlights the importance of transparency and robust data security practices in today’s digital landscape.