cyber Vulnerability

Gen™

Oct 4, 2023 1 min read
Gen™

Gen Digital claimed to have been a victim of a cyberattack, and threat actors had taken advantage of the recently discovered MOVEit Transfer vulnerability CVE-2023-34362.

The business acknowledged that threat actors had access to employee personal data.

Names, residences, dates of birth, and corporate email addresses are among the data that have been exposed.

The business informed the concerned third parties as well as the data protection authorities.

Source: https://securityaffairs.com/147739/cyber-crime/gen-digital-moveit-ransomware-attack.html

TPRM report: https://scoringcyber.rankiteo.com/company/gendigitalinc

"id": "gen111718923",
"linkid": "gendigitalinc",
"type": "Data Leak",
"date": "06/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Gen Digital',
                        'type': 'Company'}],
 'attack_vector': 'Exploiting software vulnerability',
 'data_breach': {'personally_identifiable_information': ['Names',
                                                         'Residences',
                                                         'Dates of birth',
                                                         'Corporate email '
                                                         'addresses'],
                 'sensitivity_of_data': ['High'],
                 'type_of_data_compromised': ['Personal Information']},
 'description': 'Gen Digital claimed to have been a victim of a cyberattack, '
                'and threat actors had taken advantage of the recently '
                'discovered MOVEit Transfer vulnerability CVE-2023-34362. The '
                'business acknowledged that threat actors had access to '
                'employee personal data. Names, residences, dates of birth, '
                'and corporate email addresses are among the data that have '
                'been exposed. The business informed the concerned third '
                'parties as well as the data protection authorities.',
 'impact': {'data_compromised': ['Names',
                                 'Residences',
                                 'Dates of birth',
                                 'Corporate email addresses']},
 'regulatory_compliance': {'regulatory_notifications': ['Informed data '
                                                        'protection '
                                                        'authorities']},
 'response': {'communication_strategy': ['Informed concerned third parties and '
                                         'data protection authorities']},
 'title': 'Gen Digital Cyberattack',
 'type': 'Data Breach',
 'vulnerability_exploited': 'CVE-2023-34362'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.