European data centre service provider Interxion has been hacked, and information about its users compromised, the media have reported on Tuesday.
According to a report by computer security portal Graham Cluley (opens in new tab), the company had sent out emails to its customers, saying there has been a breach and that some data was compromised.
The email warning was seen by Graham Cluley, and it seems that hackers accessed Interxion’s CRM system. Nowhere does it say what CRM stands for, so I'm just going to take an educated guess and say it's the customer relationship management system in question here.
Numbers on how many people are affected are being thrown around, and some media are saying it is around 23,200. No financial data was disclosed, the company stressed, but other information was, including contact names, job titles, emails and phone numbers.
"We emphasise that this incident only affected Interxion's CRM system and did not impact or involve any of the data centres or services that Interxion provides,” the company’s managing director Andrew Fray said in the email. “No actions are required by you or any of our other customers and prospects regarding this incident."
"Upon learning of this incident Interxion collaborated with our CRM supplier and has worked closely with our security team to ensure that all CRM information is secure. Measures have been taken to address this specific vulnerability. We have also informed the authorities in all of the appropriate jurisdictions."
The company “became aware” of the hack in December last year.
UPDATE: Thomas Fischer, principal threat researcher at Digital Guardian commented: "Unlike many of the breaches of 2015 no banking details or private information, such as phone numbers or home addresses, were accessed. However, using corporate information sourced from the CRM system can help attackers target current and prospective Interxion customers. By identifying administrators hackers can use this information to extrapolate usernames, maybe passwords eventually, and increase their effectiveness in targeting advanced social engineering attacks by pretending to be administrators or support staff."
"For organisations affected by this breach, raising user awareness is the most effective way to lower the risk of a breach in their own network. By deploying prompts that warn users when a program attempts to download a file from the Internet or write a file to disk, organisations can prevent such activities from happening in the background without users being aware. This will also train users to recognise and report attacks in progress.
"Moving further down the kill chain, blocking outbound network connections to known malicious domains, or in a worst case scenario, inbound network traffic from those domains, is a critical last line of defence in preventing the malware from executing.”