Pitney Bowes Hit by Ransomware for Second Time
May 13, 2020
CCME (4607 articles)
Share

Pitney Bowes Hit by Ransomware for Second Time

A major mailing technology firm has been hit by ransomware for the second time in just seven months, after the notorious Maze gang struck.

The group is known for stealing sensitive files from targeted organizations before encrypting systems, in order to force a ransom payment.

This is what it appears to have done with US firm Pitney Bowes, although it claimed that the encryption part was unsuccessful.

“Recently, we detected a security incident related to Maze ransomware. We are investigating the scope of the attack, specifically the type of data that had been accessed, which appears to be limited,” noted a statement from the firm.

“Working with our third-party security consultants, we immediately took critical steps to thwart the attack before data could be encrypted. At this point, there is no evidence of further unauthorized access to our IT systems. The investigation remains ongoing.”

However, screenshots posted by Maze seem to indicate that information on employees, and sensitive financial and customer data, may be in the hands of the attackers.

The previous attack on Pitney Bowes is believed to have been carried out by the equally prolific Ryuk group.

At the time the firm admitted that it had “encrypted information on some systems and disrupted customer access to our services.” These included SendPro products, postage refill and Your Account access.

According to Microsoft, Maze is one of several groups that have been targeting hospitals during the COVID-19 crisis, with sophisticated attack techniques more akin to APT groups, including credential theft, lateral movement, reconnaissance, persistence and data exfiltration.

In the past it has been known to target virtual desktop endpoints without multi-factor authentication, end-of-life platforms like Windows Server 2003, misconfigured web servers and vulnerabilities in Citrix Application Delivery Controller (ADC) and Pulse Secure VPN systems.

This post Pitney Bowes Hit by Ransomware for Second Time originally appeared on InfoSecurity Magazine.

Read More

Related articles

New Marriott Data Breach Affects 5.2 Million Guests

New Marriott Data Breach Affects 5.2 Million Guests

Cloud Exposes SMBs to Attack as Human Error Grows

Cloud Exposes SMBs to Attack as Human Error Grows

APT28 Hacking Group Attacking Sporting Organizations Around the World Using Custom Malware

APT28 Hacking Group Attacking Sporting Organizations Around the World Using Custom Malware