Business consulting firm Frost & Sullivan has been the target of a data breach, with employee and customer information being offered for sale on a hacker forum, according to a report from Bleeping Computer.
Founded in 1961 and based in Mountain View, California, Frost & Sullivan offers growth strategy consulting, market research and analysis, and corporate training services to a range of industries. The company has more than 1,800 employees across 40 offices on six continents.
The data breach targeted an unsecured backup folder containing databases and company documents on one of Frost & Sullivan’s public servers. Threat actor KelvinSecurity Team posted the data for sale on a hacker forum last Monday, saying that it held 6,000 customer records and 6,146 employee records. The data includes first and last names, login names, email addresses, and hashed passwords.
Hashed passwords can be deciphered, and then used to access company accounts, or accounts on other sites where users have repeated the same password. This can be combatted to an extent by the use of strong and unique passwords, two-factor authentication, and biometric authentication.KelvinSecurity is a probable Russian hacking organization with a strong presence on dark web forums, according to InfoArmor (IA), an Allstate company. IA says that KelvinSecurity’s overall purpose lies in showcasing their hacking credibility and disrupting for disruption’s sake.
The hackers say they tried to contact Frost & Sullivan first, and then decided to post the information for sale in order to generate “alarm.”
“It was not a purpose to take a database and sell it. We have tried to get in contact, but like many companies, they do not answer our requests, and we sell the database to generate an alarm and quote with these companies,” KelvinSecurity Team told BleepingComputer.
Frost & Sullivan has yet to comment on the data breach.
In 2017, Deloitte US was the victim of a cyberattack that affected the data of a small number of clients. “No disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers,” Deloitte said in a September 2017 statement.
In April 2019, IT consultancy Wipro said its network was used to mount attacks on its clients. Through an advanced phishing campaign, hackers gained access to the firm’s corporate email system, and then pivoted to reach into customer networks.