HQ/EMEAFind out how we can help your business
OmniVision, an image sensor firm, issued an advisory stating that it experienced a data breach after the Cactus ransomware penetrated its systems last year.
This affected company is a Chinese Will Semiconductor subsidiary that manufactures imaging sensors for various devices, including smartphones, laptops, webcams, automobiles, medical imaging systems, and more.
According to sources, the letter indicated that OVT became aware of a security breach in September of last year in which an unauthorised third party encrypted its systems. The advice also stated that the company immediately initiated an investigation, with the assistance of a third-party service provider, and notified authorities.
Their research revealed that an unauthorised threat group stole certain personal information from their computers between September 4 and September 30, 2023. In addition, OmniVision stated that its internal investigation into the incident was completed last month and discovered that the attackers obtained personal information from their system.
However, the company did not disclose the full details and the exact number of affected individuals, as they included redacted information in the notification sample.
The Cactus ransomware group claimed to have attacked OmniVision.
Last year, the notorious Cactus ransomware gang claimed responsibility for the OmniVision cyberattack. This malicious group disclosed that it stole a dataset that included passport scans, NDAs, contracts, and confidential documents.
The threat actors then released all the data they had allegedly acquired throughout the attack in a ZIP folder that was freely available for download. Additionally, the alleged attackers removed OmniVision from its extortion page on the dark web.
Cactus ransomware became a known gang for exploiting vulnerabilities in VPN tools to get access to corporate networks while encrypting itself to bypass detection. This threat organisation has also made notable activities despite its relatively new operation after previously targeting major corporations such as Americold and Schneider Electric.
On the other hand, OmniVision implemented efforts to safeguard its environment and detect suspicious activities more quickly to address these issues. Subsequently, they provided the notification recipients with two-year credit monitoring and identity theft protection services.
Individuals who receive notifications from OmniVision should enrol in the program and be wary of unsolicited communications. These recipients should regularly monitor their credit reports and statements and report any unusual behaviour to their banking institution.
