After suffering a ransomware attack last October that left several systems inaccessible, mailing equipment manufacturer Pitney Bowes reports that it recently blocked another ransomware attack before any data was encrypted and says there’s “no evidence of further unauthorized access to our IT systems.”
See Also: Role of Deception in the ‘New Normal’
In the latest incident, the manufacturer says it was targeted by the operators behind the Maze ransomware variant. The company did say when the incident happened or if it has been contacted by cybercriminals concerning a ransom payment.
“Recently, we detected a security incident related to Maze ransomware. We are investigating the scope of the attack, specifically the type of data that had been accessed, which appears to be limited,” a Pitney Bowes spokesperson tells Information Security Media Group on Monday. “Working with our third-party security consultants, we immediately took critical steps to thwart the attack before data could be encrypted. At this point, there is no evidence of further unauthorized access to our IT systems.”
The incident is still under investigation by Pitney Bowes and law enforcement, a company spokesperson says.
Previous Attack
Stamford, Connecticut-based Pitney Bowes offers a number of mailing and postage services as well as postal meters and shipping software. The company posted $3.2 billion in annual revenue last year, when it employed 11,000, according to financial documents.
In October, the company announced that a ransomware attack disrupted customers’ ability to access its postage supply web store as well as to automatically upload envelope-printing transactions (see: Pitney Bowes Says Ransomware Behind System Outages.)
At the time, Pitney Bowes noted that there was no evidence that customer or employee data had been improperly accessed.
Pitney Bowes did not say what strain of ransomware infected its network in October, although some news reports suggested it was Ryuk.
Maze Methods
The Maze gang posted work and personal email addresses for three Pitney Bowes executives on it darknet site, showing that perhaps it was able to access at least some parts of the company’s network, according to a screenshot obtained by security firm Emsisoft and shared with ISMG.
ZDNet reported that Maze also posted screenshots of directory listings taken from Pitney Bowes’ corporate network.
Maze followed a similar strategy of posting executives’ email addresses when the gang targeted insurance giant Chubb in late March. The posting of these tidbits of data apparently is one way the operators of Maze attempt to put pressure on a targeted company to pay the ransom (see: Insurer Chubb Investigating ‘Security Incident’).
In late 2019, Maze became…
Mandatory Privacy-Breach Reporting Coming to B.C. Public Sector
As of February 1, 2023, public bodies in British Columbia (B.C.) will be required to repor…
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
