Top ad tech firm Optimizely hit by data breach - around 10,000 companies possibly affected


  • Optimizely suffered breach via sophisticated voice-phishing attack on Feb 11
  • Hackers accessed CRM records and internal documents, leaking “basic” customer contact info
  • No sensitive data confirmed stolen; incident resembles ShinyHunters’ recent vishing campaigns

Optimizely has confirmed that it suffered a cyberattack in which it lost “basic” contact information on some of its customers.

Optimizely is a digital experience platform that helps businesses manage their websites and marketing campaigns to improve conversions and customer engagement. It is well known for A/B testing and experimentation, enterprise CMS systems, and various digital ecommerce tools, and serves more than 10,000 businesses, including the likes of H&M, PayPal, Toyota, Nike, and Salesforce.

The company recently sent out data breach notification letters to some of its affected customers, saying the breach took place on February 11, and that the attackers gained access “through a sophisticated voice-phishing attack” but were not able to escalate privileges or deploy malware.

"Basic" data

“We have no evidence that the threat actor was able to access sensitive customer data or personal information beyond basic business contact information,” the company said.

We don’t know what Optimizely sees as “basic”, but we can assume it includes full names, email addresses, and potentially phone numbers.

In their incursion, the attackers accessed “certain internal business systems, records in our CRM, and a limited set of internal documents used for back-office operations,” the company stressed, adding that it continued business as usual.

It didn’t name the perpetrators, but it did say that their communication was “consistent with the behavior of a loosely affiliated group who use sophisticated and aggressive social engineering tactics, most often involving voice phishing, to attempt to access their victims’ systems.”

This sounds a lot like ShinyHunters, a group which has in recent weeks breached numerous businesses using this same technique.

The hackers would call company representatives, impersonating IT or tech support staff, and get them to reset their login credentials. They would target single sign-on accounts at Okta, Microsoft, Google, and others, and would mostly go for Salesforce data.

ShinyHunters have not yet claimed responsibility for this attack.

Via BleepingComputer


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
