The firm disclosed the incident on its blog on May 10, alleging that it took place on May 8 where hackers acquired access to SharePoint and the Dragos contract management system by compromising a new sales employee’s personal email address before the employee’s start date. The hacker then impersonated the employee to complete the first steps of Dragos’ employee-onboarding procedure using the stolen personal information from the hack.
After infiltrating Dragos’ SharePoint cloud platform, the hackers apparently downloaded “general use data” and access 25 intel reports, generally only made available to the customers.
“Dragos’ swift response prevented the threat group from achieving its objective — the deployment of ransomware — or to engage in further activity, such as lateral movement, escalating privileges, establishing persistent access, or making changes to any Dragos infrastructure[…]No Dragos systems were breached, including anything related to the Dragos Platform,” the company noted.
Due to role-based access control (RBAC) regulations, the threat actors were unable to access several Dragos systems during the 16 hours they had access to the employee’s account, including its messaging, IT helpdesk, finance, request for proposal (RFP), employee recognition, and marketing sys
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: