A10 Networks, the California-based networking hardware manufacturer, has confirmed to BleepingComputer that its IT infrastructure and data were briefly compromised by the notorious Play ransomware gang.
The security incident took place on January 23, 2023, but the company’s IT team quickly contained the damage and stopped the intrusion. The attack affected human resources, finance, and legal functions data, but A10 Networks assures that its products and solutions, as well as its customers, have not been impacted. The company is working with outside experts and has notified the appropriate law enforcement authorities.
The Play ransomware gang has added A10 Networks to its extortion site, threatening to leak the files it stole during the intrusion, including confidential files such as technical documentation, employee and client data, agreements, and personal information.
The Play ransomware group is known for its recent attacks on a number of high-profile victims, including the Belgian city of Antwerp, the H-Hotels hotel chain, Arnold Clark car retailer, and Rackspace, among others.
To prevent similar attacks and minimize the risk of insider threats, it is crucial for organizations to implement strict security measures, including regular security audits, multi-factor authentication, and access controls. Regular software and system updates, along with employee awareness and training programs, can also help reduce the risk of successful ransomware attacks and data breaches.
Additionally, it is important to have a well-planned response and recovery plan in place, in case an incident does occur, to ensure that the damage is contained and the business can return to normal operations as quickly as possible. By taking proactive measures and being prepared for the worst, organizations can better protect themselves from the damaging consequences of insider threats and ransomware attacks.