IntelBroker Strikes Again By Pwning Home Depot

Home Depot experienced a data breach through one of its SaaS vendors, which inadvertently exposed employees’ data. The announcement came after increasingly notorious threat actor IntelBroker leaked the data of approximately 10,000 employees on BreachForums last Thursday. The data, exposed while the third-party vendor was testing its systems, includes names, work email addresses and user IDs.

“Today, I have uploaded the Homedepot.com database for you to download, thanks for reading and enjoy!” wrote IntelBroker on BreachForums.

Recently, IntelBroker has gained notoriety by breaching large organizations and government agencies such as DC Health Link, PandaBuy, Acuity, Hewlett Packard Enterprise and the Weee! grocery service, as well as an alleged breach of General Electric Aviation.

Stephen Gates, Principal Security SME, Horizon3.ai offered this comment:

   “It’s clear that traditional cybersecurity measures and approaches used in some third-party environments can fall short in identifying and mitigating exploitable risks effectively. Often, implementing and enforcing security best practices takes a back seat in smaller companies with smaller IT footprints. This is primarily due to not having dedicated security-focused personnel on staff, inadequate security budget, and leaders not fully understanding their risks.

   “Often, the mantra is, “We’re just a small software supplier. Why would anyone attack us?” These sorts of supply chain events are only going to grow, and today, supplier security posture management is becoming key to ensuring someone else’s risk does not transfer upstream to you.”

Dave Ratner, CEO, HYAS followed with this:

   “People need to realize that increasingly, the breach happens not because of lack of security in your organization but due to a breach in a SaaS application, third-party, or vendor in the supply chain.  It highlights the critical need for cyber resiliency approaches that not only assume breaches occur but have the visibility, capability, and controls to detect them early in the kill chain and stop them before data is leaked or damage occurs.”

Craig Harber, Security Evangelist, Open Systems had this comment:

   “The Home Depot data breach highlights the importance of companies implementing third-party risk management. To protect their customers, companies must implement consistent security standards across their entire business ecosystem to help mitigate cyber-attacks originating through partner and supplier systems.

   “Most modern businesses depend on third-party partners. Unfortunately, these partnerships introduce inherent risks because the resulting interconnected IT/business systems do not deliver the critical trust relationship to prevent supply chain attacks, data breaches, and reputation damage.

   “In this case, a SaaS vendor accidentally leaked the personally identifiable information (PII) of 10,000 employees. This information was exposed by a well-known threat actor, IntelBroker, on their data leak site. The attackers are likely to exploit this data for targeted phishing campaigns to gain credentials and infect Home Depot’s corporate network with ransomware.

   “To prevent further occurrences, security teams must implement consistent security standards across the entire business ecosystem, including all its subsidiaries’ IT/business systems. Consistent security practices include requiring prompt and regular patching of system vulnerabilities and implementing multi-factor authentication to prevent exploitation.”

Supply chain attacks are real and likely happen more often than you think. Thus you have to force the companies that you work with to be on the same page as you when it comes to security. Otherwise, pwnage through no fault of your own is never far away.

UPDATE: Paul Valente, CEO and Co-founder, VISO TRUST:

   “For many companies, third party risk is just a compliance checkbox.  Home Depot got lucky this time, but the incident highlights how companies need to do more to elevate third party risk management.  While some breaches are inevitable, using the latest AI-assisted TPRM approaches companies can avoid these types of breaches.”
