Synertrade, a French subsidiary of Econocom, experienced a significant security incident beginning on June 27, 2024. The company identified suspicious software and responded by cutting off all IT flows from its systems and launching a thorough investigation. This proactive measure was part of their incident response plan to mitigate potential risks.
The initial investigation revealed that while suspicious software was detected, no sensitive customer or personal data had been compromised. The affected IT systems were isolated, and Synertrade’s services were gradually resumed starting July 1, 2024. The company assured that the incident was confined to Synertrade’s network and did not impact the broader Econocom group.
Econocom noted that the suspicious software appeared to be heavily disguised, making detection challenging. They shared technical markers with the InterCERT community and relevant authorities to assist in the ongoing investigation. The modus operandi of the malware suggested it could be linked to the Cactus group, although this connection has not been confirmed.
Despite the leak of some data, Econocom stated that the exfiltrated information was not deemed sensitive under GDPR regulations. All affected customers were promptly informed, and the company continues to enhance its security measures while cooperating with authorities. The situation remains under review as further analysis is conducted.
