Security provider Stormshield revealed a security incident this week that resulted in unauthorized access to a technical portal and a “leakage” of some parts of the SNS (Stormshield Network Security) source code.

Customers and partners use Stormshield’s technical portal for the management of their support tickets on products. Personal data and technical exchanges associated with certain accounts may have ended up compromised.

Stormshield is a wholly-owned subsidiary of France-based cybersecurity company Airbus CyberSecurity, and it provides network security, endpoint security and data security solutions.

The company said upon learning about the breach, it alerted account owners on the portal and notified French authorities. As a precaution, the company reset the passwords of all accounts and then applied additional measures to the portal in order to reinforce its security.

All support tickets and technical exchanges have undergone review and the respective users learned the results. In addition, the company applied similar preventive measures to the Stormshield Institute portal, used for the management of training courses.

Schneider Bold

Further investigations found “the leakage” of some parts of the SNS (Stormshield Network Security) source code.

“As of today, the in-depth analysis carried out with the support of the relevant authorities has not identified any evidence of illegitimate modification in the code, nor have any of the Stormshield products in operation been compromised,” the company said in a release.

“As an additional precautionary measure, we have anticipated the replacement of the trusted certificate that signs and ensures the integrity of the SNS (Stormshield Network Security) releases and updates,” the company said. “New updates have been made available to customers and partners so that their products can work with this new certificate.”

ISSSource

Pin It on Pinterest

Share This