Zscaler Test Environment Shut Down: A Breach Rumor, Quick read

Zscaler, a leading cybersecurity firm, recently found itself in the midst of a storm. Rumors began to circulate that a threat actor was selling access to the company’s systems.

The Response

In response to these rumors, Zscaler took an immediate step. They took a “test environment” offline for analysis. This environment was found to be exposed.

The Investigation by Zscaler

Zscaler initiated an investigation immediately after learning of the rumors. The company took the potential threat very seriously. They committed to continue their rigorous investigation.

The Discovery by Zscaler

During the investigation, Zscaler discovered an isolated test environment on a single server. This environment, which did not contain any customer data, was exposed to the internet. Zscaler took this test environment offline for forensic analysis.

The Clarification by Zscaler

Zscaler clarified that there was no impact or compromise to its production and corporate environments. The company initially dismissed the rumors, stating that their internal investigations had not shown any evidence of a breach.

The Threat Actor

The rumors started after a notorious Serbian threat actor named IntelBroker offered to sell access to a cybersecurity company. The company was described as having a revenue of $1.8 billion. Connections were quickly made to Zscaler, as the company lists a similar revenue on ZoomInfo.

In the past, IntelBroker has claimed responsibility for attacks on Autotrader, Volvo, AT&T, Verizon, and others. The threat actor has also claimed responsibility for a breach of multiple US government agencies and advertised the sale of over 2 GB of stolen files on underground hacking forums.

In the case of Zscaler, IntelBroker claimed to have access to “confidential and highly critical logs packed with credentials,” SMTP access, SSL certificates, and other sensitive data. The asking price was $20,000 in cryptocurrency.

The Conclusion

In conclusion, while Zscaler has taken immediate steps to address the rumors and is working on a thorough investigation, the incident serves as a reminder of the constant threats that cybersecurity firms face. It underscores the importance of vigilance and robust security measures in today’s digital landscape.

You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it.