Pitney Bowes hit by crypto



  • https://maintenance.pb.com/pbcom/outage.html

    Pitney Bowes was affected by a malware attack that encrypted information on some systems and disrupted customer access to our services. At this time, the company has seen no evidence that customer or employee data has been improperly accessed.
    Our technical team is working to restore the affected systems, and it is working closely with third-party consultants to address this matter. We are considering all options to expedite this process and we appreciate our customers’ patience as we work toward a resolution.



  • WTH - how did that system get compromised? I mean - if it was directly compromised and encrypted - but you almost never hear about situations like that.. instead you hear someone got phished, and then encrypted... which brings the question - why wasn't prod network separate enough to prevent this?



  • @Dashrender said in Pitney Bowes hit by crypto:

    why wasn't prod network separate enough to prevent this?

    Because nothing is separate enough. Not even an air-gapped system.

    Every security measure can be defeated and the ransomware guys makes millions so they have the resources to put some man hours into it.



  • Well, if the backups were stored off-site, a single days worth of data could have been the only loss there, which is the exact schedule they should be made for a service provider of their scale.



  • @DimS said in Pitney Bowes hit by crypto:

    Well, if the backups were stored off-site, a single days worth of data could have been the only loss there, which is the exact schedule they should be made for a service provider of their scale.

    Hell yeah, this is a major company with gobs of customer data.


Log in to reply