Audio Posts In English

Cylance confirms the legitimacy of data offered for sale in the dark web


A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000.

A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen data for $750,000. The data includes 34 million customer and employee emails, customer / prospect email and PII, products used by organizations, sales prospect list with activity status, Cylance partners list and users list.

🚨MAJOR DATA FOR SALE🚨A threat actor is allegedly selling data belonging to Cylance customers, partners, and employees database. Price: $750,000.#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec

A total of 34,000,000 million customer and employee…

— Dark Web Informer (@DarkWebInformer) June 7, 2024

BlackBerry told several media outlets that it’s aware of the potential data breach and is investigating the alleged incident.

The company states that data was stolen from a third-party platform and appears to be old.

“Based on our initial reviews of the data in question, no current Cylance customers are impacted, and no sensitive information is involved,” BlackBerry told SecurityWeek. “The data in question was accessed from a third-party platform unrelated to BlackBerry and appears to be from 2015-2018, predating BlackBerry’s acquisition of the Cylance product portfolio.”

“We continue to monitor this situation closely and will take all necessary precautions to maintain the integrity of our products and systems and the trust of our customers,” it added

While several experts believe attackers may have obtained the data from the cloud data platform Snowflake, Cylance pointed out that it is currently not a Snowflake customer.

Data claimed to relate to #Blackberry #Cylance customers, partners, and employees has been put up for sale. The same account is also selling data claimed to relate to QuoteWizard and Advance Auto Parts. #Snowflake?

— Brett Callow (@BrettCallow) June 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)