HQ/EMEAFind out how we can help your business
The American software company specialising in crisis management and public warning solutions, Everbridge, notified its customers about unknown attackers that had breached its network, which stores business and user data.
According to reports, the company has about 6,500 customers globally for whom it provides public warning, crisis management, and risk intelligence. Some notable entities that employ its services include Hartsfield-Jackson Atlanta International Airport and countries such as Norway and Australia.
Everbridge suffered the breach due to leaked information from a previous phishing campaign.
Investigations claimed that the attackers that breached the Everbridge network last week could hack its business networks using information stolen from a prior phishing assault on some of its workers.
Still, a company representative disclosed in a report that they have yet to find indications of a ransomware attack. Moreover, they have already notified relevant law enforcement agencies about the situation.
The company stated that it is aware that the unauthorised party responsible for this activity has accessed a limited number of files on its corporate network that contain certain business-related data, including instances of admin user and limited other users’ contact information, information about the subscribed Everbridge services, and enabled access methods.
However, the investigation allegedly discovered that the threat actors acquired consumer information, and those affected were already alerted. Everbridge is collaborating with incident response professionals to determine the severity and effect of the attack.
Given the growing risk of phishing attempts, Everbridge advised each account administrator on detecting and protecting against such attacks and invited customers to set up multi-factor authentication (MFA). The company said they will make this extra layer of security mandatory on all accounts this week.
Furthermore, the company urged its customers to follow its instructions so they can accelerate the enforcement of MFA for all of them in the coming days. Therefore, potentially affected individuals should be knowledgeable of these current events, as the threat actors could use the alleged stolen information to execute other forms of malicious activity, such as phishing attacks or fraud.
