Logitech, a Swiss multinational manufacturer of computer peripherals and software, has announced that it has suffered a “cybersecurity incident.”
Upon detection, the Lausanne-based tech company immediately took steps to investigate and respond to the incident. Leading cybersecurity specialists from external firms helped to determine the scope and nature of the attack.
Logitech emphasizes that the incident hasn’t impacted the company’s products, business operations, or manufacturing processes. In fact, Logitech believes that an unauthorized party exploited a zero-day vulnerability in a third-party software platform to access and exfiltrate data from its internal IT system.
“The data likely included limited information about employees and consumers, and data relating to customers and suppliers. Logitech does not believe any sensitive personal information, such as national ID numbers or credit card information, was housed in the impacted IT system,” Logitech says in a press release published on Friday.
The tech firm believes that the incident has no “material adverse effect” on the tech company’s financial results or business operations. Relevant authorities have been alerted to the incident.
“Logitech maintains a comprehensive cybersecurity insurance policy, which the company expects will cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions, and regulatory fines, if any, subject to policy limits and deductibles,” the company reassures stakeholders in its press release.
Although Logitech doesn’t say who’s responsible for the attack, the Cl0p ransomware gang has added the company to its leak website. The gang claims to have stolen almost 1.8TB of data.
According to BleepingComputer, the data breach was likely caused by an Oracle zero-day vulnerability exploited by the Cl0p extortion gang in July.
Cl0p is responsible for numerous cybersecurity incidents involving zero-day vulnerabilities, including the MoveIT Transfer and Fortra GoAnywhere file management software hacks. Security experts estimate that the gang has made between $75 to $100 million from the MOVEit hacks alone.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked