Cylance confirms data breach linked to ‘third-party’ platform

From bleepingcomputer.com

Cybersecurity company Cylance confirmed the legitimacy of data being sold on a hacking forum, stating that it is old data stolen from a “third-party platform.”

A threat actor known as Sp1d3r is selling this stolen data for $750,000, as first spotted by Dark Web Informer.

The data allegedly includes a substantial amount of information, such as 34,000,000 customer and employee emails and personally identifiable information belonging to Cylance customers, partners, and employees.

However, researchers have told BleepingComputer that the leaked samples appear to be old marketing data used by Cylance.

BlackBerry Cylance told BleepingComputer that they’re aware of and investigating the threat actor’s claims but that no “BlackBerry data and systems related to [..] customers, products, and operations have been compromised.”

Read more…