bienvenido a t-cert
The company Verkada, dedicated to the manufacture of security systems at the enterprise level, has confirmed to have suffered a cyberattack, targeting one of its Jenkins servers, causing a data breach.
It is suspected that the security incident began on March 7, lasting until the 9th of the same month. Cybercriminals accessed the IT network after obtaining the necessary credentials to bypass the authentication system, including two-factor authentication.
There is no evidence that passwords or password hashes of users, the internal IT network, as well as Verkada's financial or other commercial systems, have been compromised. There is also no evidence that the firmware of the computers has been tampered with or that the execution of shell commands has had a malicious purpose against customer networks.
In response, new equipment firmware integrity checks have been implemented, all systems have been secured and all affected customers and authorities, such as the FBI, have been informed.
.jpg){kind=small}