Government Contractor Stormshield Suffers Double Breach
A French cybersecurity company with government clients revealed this week that an unauthorized third party has stolen customer data and some of its source code.
Airbus subsidiary Stormshield counts the French government among its public sector client list. It claimed that attackers targeted a customer portal used by customers and partners to manage support tickets.
“Personal data and technical exchanges associated with certain accounts may have been consulted. We immediately alerted the account owners on the portal and we notified the French authorities. As a precaution, the passwords of all accounts were reset and we applied additional measures to the portal in order to reinforce its security,” it explained in a statement.
“All the support tickets and technical exchanges in the accounts concerned have been reviewed and the results have been communicated to the customers. At the same time, we have also applied similar preventive measures to the Stormshield Institute portal, used for the management of our training courses.”
Alongside the customer breach, the cybersecurity vendor claimed that attackers had also managed to lift some source code related to its Stormshield Network Security (SNS) product, although there are no signs that the code had been modified or any products in production compromised.
“Our teams are mobilized to ensure the best security of our customers’ infrastructures. Thus, as an additional precautionary measure, we have anticipated the replacement of the trusted certificate that signs and ensures the integrity of the SNS releases and updates,” it added.
“New updates have been made available to customers and partners so that their products can work with this new certificate.”
Security experts suggested the attack may have ben state-sponsored, continuing a spate of recent raids on cybersecurity companies.
“Given this was an attack on a government security system and hackers inspected source code, it does not appear to be your typical data thieves looking for low-hanging fruit. The attack could have well been state-sponsored,” argued Paul Bischoff, privacy advocate at Comparitech.com.
“All cyber-attacks are concerning, but those against cybersecurity companies are particularly worrying. This attack will no doubt damage Stormshield’s reputation and future prospects, but time will tell if the French government actually decides to replace Stormshield or stick with it.”