Pitney Bowes Suffered Second Ransomware Attack Within A Year

As the world is in a standstill and people are relying more on delivery services, the threat actors are targeting this niche now. However, the recent victim, Pitney Bowes, isn’t a new one. Rather this is the second ransomware attack on Pitney Bowes in less than a year.

Pitney Bowes Second Ransomware Attack

Reportedly, the technology giant Pitney Bowes has suffered a cyber attack once again. Pitney Bowes manages package and mail delivery, and other e-commerce related services, predominantly in the United States.

According to ZDNet, the company has recently suffered a second ransomware attack.

The news surfaced online after the potential threat actors behind this incident, the Maze ransomware gang, hinted of it. Disclosing the matter via a blog post, they shared screenshots of directory listings that possibly belonged to the firm’s network.

However, details about the extent of data breached, the demand for ransom, and other issues aren’t available yet.

No Disclosure, But ‘Investigations Underway’

Upon noticing the screenshots, ZDNet reached out to the firm to confirm the matter.

In response, their spokesperson confirmed the security incident with the following statement. Yet, this time, either they are trying to downplay the incident, or the matter really isn’t that serious.

Recently, we detected a security incident related to Maze ransomware. We are investigating the scope of the attack, specifically the type of data that had been accessed, which appears to be limited.
At this point, there is no evidence of further unauthorised access to our IT systems.

However, Pitney Bowes hasn’t mentioned anything in this regard on their website or social media profiles.

This is in contrast to the first ransomware attack that took place in October 2019. At that time, they not only disclosed the incident officially. Rather they also set up a dedicated status page for continuous updates. Though, that time, the attackers were different – the Ryuk ransomware gang, as confirmed by the company.

Nevertheless, the spokesperson has assured that they are investigating the matter. So, let’s wait if they disclose the matter publicly after reaching a conclusion.

For now, one thing is clear – the firm has been a victim of two different ransomware within a year. This certainly indicates the level of security and vulnerability of the firm’s network.

Let us know your thoughts in the comments

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients