Thursday, November 24, 2016

Data Breach - Online Accounting Firm

(November 24, 2016) An online Palo Alto headquartered accounting firm has suffered a data breach. Initial findings suggest that as much as 80 Gb of emails and accounting data were sent offsite by key loggers installed on the computers in the company, resulting in the loss of accounting information including, payroll, financial details and credential pairs (user names and passwords) for its clients which included at least three cyber security companies, two online real estate companies, and several smaller online application providers. 

The breach appears to have occurred as the result of a key-logged patient-zero account that stole data from the company for approximately nine months (March - November, 2016). Wapack Labs has identified at least 30 victims. The accounting firm boasts hundreds of clients on their website. 

Analysis continues. 

Wapack Labs contacted the company via the customer service line listed on the website and was referred to the company's CEO. Two unsuccessful attempts have been made to date.

UPDATE: CEO notified 11/24/16.