ConnectWise customers get mysterious warning about 'sophisticated' nation-state hack

ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers.

In a May 28 advisory, the IT management software vendor said the compromise "affected a very small number" of its customers who use ScreenConnect, a remote access and management tool. 

Multiple major brands, including Panasonic, Swarovski, Aflac, and Honeywell, use this product, according to the software provider, so this type of supply-chain attack would not be good for business. 

The Register asked ConnectWise for more details about the breach, including how the intruders gained initial access to its systems, how many customers' instances they then broke into, and what they did — deploy ransomware? Steal data? We will update this story if we receive a response.

In its May 28 alert, ConnectWise said it hired Google-owned cleanup crew Mandiant to investigate the security breach ...