Thursday, November 7, 2019

Insider Threat - Any/Every organization can be affected. It time that we take "Zero Trust" security model seriously - Trend Micro saw about 100,000 of its consumer customers have their account information stolen



The cybersecurity company said in a statement today the first inkling something was wrong came in August 2019 when some customers complained of receiving scam phone calls from people purportedly from Trend Micro. The information the callers disclosed to their targets during the conversations led the company to believe it had to have come from an insider.

The company said it never calls customers unannounced.

By late October the company was able to fully determine the attack was an inside job. An employee used fraudulent means to gain access to customer support databases, retrieve the data and sell it.

“Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” the company said.

https://www.scmagazine.com/home/security-news/insider-threats/trend-micro-hit-with-insider-attack/

No comments:

Post a Comment