Even though it was a victim just seven months ago, shipping equipment vendor Pitney Bowes has fallen to a second ransomware attack that saw the thieves able to make off with sensitive customer data.
The Maze ransomware group published photos of Pitney Bowes directory listings to prove that they had breached the company’s network and possessed their data, and published personal information of many senior executives along with insurance and retail clients.
Pitney Bowes fell victim to the Ryuk ransomware menace last October and apparently has been unable to develop security protocols and systems that can prevent such attempts in the future.
On Monday May 4, 2020 Pitney Bowes was the target of a ransomware attack. Pitney Bowes products and services remained operational and were unaffected by the attack. Our security team and tools identified and stopped the attackers before they were able to encrypt any data or services. However, the attackers did manage to gain access to a limited set of corporate file shares. These file shares contained information used by our business teams and functional groups to conduct business-related activities…
Due to Pitney Bowes security controls and alerts, the ransomware attack was stopped before any information could be encrypted, including further protections through use of tools and processes, such as:
- End point detection and response advanced threat protection tooling, which identified the malicious behavior and prevented the encryption malware from executing.
- Privileged Account Access management solution, which requires dual factor authentication and single use passwords.
- Security Incident and Event operations allowed us to quickly identify the attack and effectively minimize the time between intrusion and detection/response.