Tech »  Topic »  Dozens of organizations fall victim to infostealers after failing to enforce MFA

Dozens of organizations fall victim to infostealers after failing to enforce MFA

1 day, 10 hours ago   techradar.com
(Image credit: Shutterstock)
  • Hacker “Zestix” (aka Sentap) is auctioning stolen data from 50 global enterprises, including Deloitte, KPMG, Samsung, and Pickett & Associates
  • Victims lacked MFA and had devices compromised by infostealers like RedLine, Lumma, or Vidar, enabling credential theft
  • Poor password hygiene and years-old credentials allowed large-scale exfiltration; Pickett alone lost ~139 GB of sensitive files

Someone is auctioning a wide range of highly sensitive data, picked up from 50 global enterprises, on the dark web. Among the victims are a couple of real heavy hitters, such as Pickett & Associates, Deloitte, KPMG, and Samsung.

The news comes from the Israeli cybersecurity startup Hudson Rock, who recently issued an in-depth report on a hacking campaign conducted by a hacker with the alias Zestix (AKA Sentap).

As per the report, all of the victims had one thing in common - they did not enforce multi-factor authentication (MFA), and allowed access to ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE