On the finish of September, we have been the sufferer of a social engineering assault concentrating on considered one of our workers. This extremely subtle assault started on the Discord platform with the downloading of malware beneath cowl of a sport on the Steam platform, proposed by an acquaintance of our worker, himself a sufferer of the identical assault.
Our safety staff took speedy motion. Regardless of our actions, the attacker was capable of exploit one of many stolen cookies to connect with the administration interface of considered one of our SaaS suppliers. Because of this cookie, now deactivated, the attacker was capable of extract, through our SaaS supplier’s API, sure non-public details about you.
/cdn.vox-cdn.com/uploads/chorus_asset/file/24998948/Shadow___Creation_on_MacBook.jpg&description=PC%20streaming%20service%20Shadow%20discloses%20safety%20breach){kind=link}