A threat actor, operating under the alias Sp1d3r, has reportedly put up for sale stolen data from BlackBerry Cylance on the dark web, priced at $750,000. This data comprises a vast array of information, including 34 million customer and employee emails, customer/prospect email and PII, product details used by organizations, sales prospect lists, Cylance partners list, and user lists.
BlackBerry, the parent company of Cylance, has acknowledged the potential data breach and is actively investigating the situation. According to BlackBerry, the stolen data seems to originate from a third-party platform and appears to be outdated, spanning the years 2015 to 2018.
While initial assessments suggest that no current Cylance customers are affected and no sensitive information is compromised, BlackBerry continues to closely monitor the situation. The company is committed to taking all necessary measures to safeguard the integrity of its products and systems, as well as to uphold the trust of its customers.
Despite speculation among experts that the data may have been obtained from the cloud data platform Snowflake, Cylance has clarified that it is not currently a customer of Snowflake. The incident underscores the ongoing challenges and risks posed by cyber threats, highlighting the importance of robust cybersecurity measures to protect sensitive data and maintain trust in digital systems.
