A10 Networks have confirmed it suffered a data breach in which a popular ransomware group infiltrated its system, deployed malware, and stole sensitive company data.
The application delivery controllers manufacturer filed a K-8 form with the Securities and Exchange Commission (SEC), in which it detailed a security incident that took place on January 23, 2023.
During the incident, a threat actor accessed the company’s shared drives, installed malware, and made away with data on human resources, finance, and legal issues. However the attack was allegedly quickly contained and did not affect the company’s operations, or its customers.
Not affecting customers
“Working with outside experts, the Company has contained the attack within its network and has notified the appropriate law enforcement authorities of the incident,” A10 said in the filing. “The Company currently does not expect this incident to have a material impact on its operations.”
At the same time, the operators of the Play ransomware added A10 Networks’ data to their leak site, and threatened to release it. The threat actors claim the database holds sensitive information such as technical data, employee and client data, agreements, and personal information.
A10 Networks is a company building application delivery controllers, based in San Jose, California. It also offers firewalls and distributed denial of service (DDoS) protection solutions. According to the company, it has clients in 117 countries around the world, including a number of high-profile tech, and telecoms clients, such as Yahoo, Deutsche Telekom, Twitter, Samsung, Sony Pictures, and more.
Aside from the K-8 filing, the company did not further discuss the incident with the media.
Play is a relatively young ransomware operator (first noticed in early summer of 2022), but has already managed to make a name for itself, after successfully targeting a couple of government organizations in Latin America.
- These are the best malware protection solutions around
Via: BleepingComputer
