Cybersecurity firm Cylance has confirmed falling victim to a cyberattack, saying data being sold on the dark web is legitimate.
Reporting on the news, BleepingComputer said the company lost 34 million emails and other personally identifiable information (PII) belonging to both customers, employees, and partners.
This database is now being sold for $750,000, with the seller going by the name Sp1d3r, seemingly the same individual that recently broke into, and stole sensitive information from Advance Auto Parts. The hacker was selling this database, holding 380 million customer profiles, for $1.5 million.
Old data
Advance Auto Parts is one of many victims broken into via Snowflake, a major cloud service provider.
However, in a statement to BleepingComputer, BlackBerry Cylance said that the breach is not related to Snowflake and that the data being sold now is relatively old. BlackBerry Cylance said it was “aware and investigating” the claims made on the dark web, before adding that no “BlackBerry data and systems related to [..] customers, products, and operations have been compromised.”
“Based on our initial reviews of the data in question, no current Cylance customers are impacted, and no sensitive information is involved,” the company added.
“The data in question was accessed from a third-party platform unrelated to BlackBerry and appears to be from 2015-2018, predating BlackBerry’s acquisition of the Cylance product portfolio.”
“BlackBerry Cylance is not a Snowflake customer,” the company said.
Once a giant in consumer mobile technology, BlackBerry was selling more than 50 million devices at one point. Similarly to Nokia, however, the company did not properly adjust to Android and iPhone devices surging in popularity, and thus slowly faded into obscurity. In 2016, the company stopped making phones and pivoted towards enterprise services and, more notably, cybersecurity. In 2019, the company made its biggest acquisition to date, spending $1.4bn on Cylance.