Digital risk protection company CloudSEK claims that another cybersecurity firm is behind a recent data breach resulting from the compromise of an employee’s Jira account.
An unidentified party used session cookies for the employee’s Jira account as part of the targeted cyberattack to access various kinds of internal data. The attacker was unable to access the password or the email because the user never used a password to log in but instead relied on single sign-on (SSO) and multi-factor authentication (MFA), according to CloudSEK. The attacker did, however, gain access to three companies’ customers’ names and purchase orders after taking control of the account.
Also Read: Top Four Implementation Impediments for Password less Authentication
According to CloudSEK, no customer data, login credentials, or other information used on the portal were compromised during the incident.
Read More: CloudSEK Blames Another Cybersecurity Firm for Hack
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates