Pulse Secure data breach leaks details of 900 organisations

Back
Hosepipe with a leak

The French data protection authority (CNIL) has issued a statement following Pulse Secure data breach.

Pulse Secure notified CNIL of a data breach caused by a ransomware attack of its virtual private network products. The breach occurred when a vulnerability was exploited where outdated versions of certain products were being used.

CNIL says that the confidential information of more than 900 international organisations had been published at the beginning of August and that such information included, among other things, IP addresses of vulnerable servers, private keys, usernames, passwords and a list of users.

CNIL has recommended that affected organisations should conduct audits of information systems and monitor suspicious activities.

Insight

‘Pulse Secure’ may soon change its name.

If your organisation is looking to comply with the requirements of the GDPR then take a look at how our CSaaS and DPaaS solutions can help.