In May 2020, the telecommunications company disclosed that it had suffered a cyber attack in which hackers compromised a cloud server located in its data center, before using it as a 'stepping stone' to attack another internal server and its Active Directory server. Attackers moved from those servers to compromise an information management server used to service the company's cloud and hosting customers. It is from this last server that attackers stole data on 621 of the company's customers.
The system administration department detected a log of an unauthorized remote operation within the company's Active Directory which prompted the initial investigation and alerted the company to the incident.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions