Framework Suffers Data Breach After Phishing Attack on Accounting Partner
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Framework Computer disclosed a data breach in which hackers accessed the personal information of an unspecified number of customers following a phishing attack on its accounting service provider.
The US-based laptop maker, known for user-upgradable and repairable devices, revealed in an email to affected customers that an accountant at its external vendor, Keating Consulting, fell victim to a social engineering attack.
“On January 9th, at 4:27 am PST, the attacker sent an email to the accountant impersonating our CEO asking for Accounts Receivable information pertaining to outstanding balances for Framework purchases,” the email read.
On January 11, deceived by the email, the employee shared with the hacker a spreadsheet containing customer information such as full name, email address, and balance owed. “Note that this list was primarily of a subset of open pre-orders, but some completed past orders with pending accounting syncs were also included in this list.”
Framework went on to say that its Head of Finance was notified of the breach approximately 29 minutes after the accountant replied to the seemingly legitimate email. Keating Consulting was subsequently informed of the incident, and an investigation led Framework to identify the impacted customers and notify them of the data breach via email.
The company also announced mitigation measures intended to prevent similar incidents in the future. In addition to auditing Keating’s “standard operating procedures around information requests,” it will provide mandatory social engineering and phishing attack training to all employees who have access to customer information.
Furthermore, it warned customers that hackers can use their stolen information for nefarious purposes, for instance by impersonating Framework to commit financial fraud.
It also informed customers that emails from the company are sent only from ‘support@frame.work’ and that it never requests payment information over email. “We will only provide an ‘Action Required’ email when an official payment capture fails, which includes a link to the Framework website to update payment information to enable final payment capture,” Framework stated.
Calvià City Council in Majorca Hit by Ransomware Attack
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
In a recent announcement, the city council of Calvià, Majorca, notified citizens of a ransomware attack that has impacted municipal services since last week.
Situated in the south-west of Majorca, Calvià is one of the major tourist hotspots, with over a million visitors annually.
The attack is said to have occurred in the early hours of Saturday, January 13. According to local media reports, a ransom of €10 million ($11 million) has been demanded, which Juan Antonio Amengual, the local mayor, has refused to pay.
The attack is believed to have hit Calvià council’s systems, forcing it to create a crisis committee to analyze the impact on affected services. In addition, an IT team working with third-party experts is conducting forensic analysis to support mitigation and hasten the recovery process.
“Calvià City Council continues to work intensely to try to return to normality as soon as possible after the cyber-attack suffered last weekend,” the statement read. (Google Translate)
Given the impacted services, the council has asked citizens to use the General State Administration Registry to submit necessary documents.
It has also temporarily suspended all administrative deadlines, including submission of claims and requests until January 31, 2024. In the issued statement, it also advised citizens regarding other local services.
“In response to some questions raised by residents in the municipality, the council recalls that residence certificates can be obtained at the City Hall itself in the morning and also at the Municipal Tax Office,” the statement explained. “In any case, both the payment of taxes and subscriptions (for example, to municipal sports facilities) cannot be carried out during this week.”
The notification concluded by thanking the thousands of city council members and expressing regret for the inconvenience. It also reminded citizens that support services remain available both in person and by telephone.
Furthermore, in accordance with laws and regulations, the council filed an official complaint about the incident with the cybercrime division of the police department and submitted a preliminary forensic analysis.