Shadow PC, a company that offers premium cloud computing services, is alerting clients about a data breach that exposed clients' private information because a threat actor allegedly plans to sell the stolen information to over 500,000 clients.
According to numerous warnings from Shadow customers that were provided to Bleeping Computer, the business has started delivering data breach alerts as a result of a successful social engineering campaign that targeted its workers.
The malware that was downloaded was an info-stealer that had been successful in stealing an authentication cookie, which gave the hackers access to the administration interface of one of the company's SaaS suppliers.
Shadow's warning makes it clear that no account passwords or other sensitive payment or banking information were exposed as a result of the incident.
"id": "SHA1041171023",
"linkid": "shadowpc",
"type": "Breach",
"date": "10/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"