
4 cyber security companies that got hacked themselves

There have been several major cyber-attacks on large firms in recent years, with those on TalkTalk and Ashley Madison making the headlines last year.

While there are many companies selling solutions designed to protect customers, these companies have often been the victims of such attacks themselves.

CBR rounds up some of the biggest attacks on cyber security firms. The lesson is perhaps not that these companies are poorly equipped to provide the security services they offer, but that potentially any company could be the victim of an attack.



1. Kaspersky

Revealed: June 2015

The security firm revealed the hack in a blog post from founder Eugene Kaspersky. He said that the thinking behind the attack was a generation ahead of anything the firm had seen before.

Attackers were interested in learning about Kaspersky technologies, he said. The firm detected the activity using the alpha version of the Anti-APT solution.

Kaspersky said that the company was "quite confident that there [was] a nation state behind it."

"Governments attacking IT security companies is simply outrageous," Kaspersky wrote, although he added that the company would not be attributing the attack.

Kaspersky derided the hackers for exposing their "very expensive technologically-advanced framework", saying that attacking his firm was "hardly the smart move."

He added that Kaspersky’s products and services had not been compromised and customers faced no risks at all due to the breach.


2. LastPass

Revealed: June 2015

LastPass, a third-party storer of multiple user passwords, is an obvious target for hackers – a centralised database of passwords could be a devastating tool in the hands of an attacker.

Like Kaspersky, LastPass took an upfront approach to the hack, disclosing what happened.

LastPass responded with dozens of changes, including furthering its timeline for implementing Hardware Security Modules. These are used by organisations to manage, process and store cryptographic keys.

LastPass said that master passwords were not exposed, since the company never has access to this information. Passwords and other data including form fill profiles, secure notes and site usernames stored in customers’ LastPass vaults were not exposed as these encrypted vaults were not compromised.

"Our security and processes worked as designed, and customer data was, and is, protected," wrote LastPass in a blog.



3. BitDefender

Revealed: July 2015

The Romanian cyber security firm was targeted by a hacker who possibly compromised 400 million customers’ accounts.

The company refused to pay the ransom and details of several customers were leaked online by DetoxRansome, the hacker.

Embarrassingly for BitDefender, the customer data was unencrypted, meaning once accessed it could be published.

BitDefender said that the hacker was targeting a single application and so the hacker only gained access to a relatively small number of the company’s customers.

The hack was, according to BitDefender, the result of human error: a single server deployed during an infrastructure increase had an outdated software package with a known flaw.


4. Cyberoam

Revealed: January 2016

The Indian security firm was hit right at the end of 2015 with a hack that may have resulted in leakage of its database that contained customer and partner personal details.

This information included customer names, phone numbers, email addresses and company names, according to the report in BusinessLine.

Cyberoam said that the incident had not affected the security effectiveness of its products.

The report said that a security researcher encountered a hacker on the dark web who was willing to sell the database for 100 bitcoins, worth roughly £30,000.

Cyberoam was acquired by UK cyber security firm Sophos in 2014.

This article is from the CBROnline archive: some formatting and images may not be present.