Zscaler reports that following rumours that a threat actor was offering to sell access to the company's systems, they uncovered an exposed "test environment" that had been pulled offline for study. Zscaler first claimed in a post that there was no proof that its production or customer environments had been compromised, despite an ongoing investigation. Later in an update, Zscaler confirmed that they discovered an "isolated test environment" exposed to the internet, which they took offline for forensic analysis.
"The test environment was not hosted on Zscaler infrastructure and had no connectivity to Zscaler’s environments. The test environment was taken offline for forensic analysis."
Zscaler says that no company, customer, or production environments were impacted by the incident.
The rumors started after a well-known threat actor named IntelBroker began selling what they claim is access to a cybersecurity company with a revenue of $1.8 billion.
This access allegedly includes "Confidential and highly critical logs packed with credentials, SMTP Access, PAuth Pointer Auth Access, SSL Passkeys & SSL Certificates."
Zscaler continues to investigate and reiterates there is no impact or compromise to our customer, production and corporate environments. It engaged a reputable incident response firm that initiated an independent investigation. It continues to monitor the situation and will provide additional updates through the completion of the investigation.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
