Exploit: Third-Party Breach (Ransomware)
Qualys: Cybersecurity & Cloud Development
Risk to Small Business: 1.412 = Extreme
Qualys is the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. The Clop ransomware gang posted screenshots of files allegedly belonging to the cybersecurity firm including purchase orders, invoices, tax documents and scan reports.
Individual Risk: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: It’s especially damaging for a cybersecurity company to fall victim to something like ransomware. Unfortunately, this problem came through a third-party partner, but potential customers may see a cybersecurity firm that can’t protect itself.