The enterprise management software company LANDESK recently told its employees that their personal information may have been exposed as a result of a data breach, according to investigative reporter Brian Krebs.
The letter, sent to current and former employees on November 18, 2015, states that "it is possible that, through this compromise, hackers obtained personal information, including names and Social Security numbers, of some LANDESK employees and former Wavelink employees."
In a separate statement published on its website on November 25, 2015, the company said, "LANDESK recently became aware of some unusual activity on our IT systems. With the help of a leading computer forensics firm, we took immediate steps to further enhance our security measures and began conducting a thorough investigation to determine what happened."
"In the course of the investigation, we discovered that some personal information may have been exposed for a few former and current employees," the statement adds. "Those employees have been notified, but we have no evidence that any personally identifiable information was exposed for any other employees or for any of our customers. ... We can't comment on the specifics of the investigation, but based on the information we know so far, we have not confirmed a risk to our customers' environments, and there are no known primary attack vectors using LANDESK software."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Still, an unnamed LANDESK employee told Krebs that the breach dates back to June 2014, and was only discovered when several employees complained about slow Internet speeds. "LANDESK has found remnants of text files with lists of source code and build servers that the attackers compiled," the employee said. "They know for a fact that the attackers have been slowly [archiving] data from the build and source code servers, uploading it to LANDESK's Web servers, and downloading it."
One commenter on Reddit suggested that the breach could be a brilliant move by the attackers, depending on their motives. "They could spend their time working their way into a network over the course of a year or two, or just compromise a deployment tool and get free automated deployments to every company using LANDESK," the commenter wrote. "This is about as brilliant as it is scary."
A eSecurity Planet article offered advice on improving database security.