Hackers breached Logitech’s systems through a zero-day bug, likely making off with consumer and partner data.
Logitech reports falling victim to a hack. Criminals breached the company’s systems via a zero-day vulnerability in third-party software used by Logitech. The peripheral manufacturer states that they applied the patch as soon as it was available, but the damage had already been done.
Stolen Data
The hackers stole data from the systems. According to Logitech, this likely includes limited information about employees, customers, and suppliers.
Logitech currently does not believe that sensitive information was compromised. The company defines sensitive data as information such as ID numbers or credit card details. It’s unclear exactly what data the hackers did manage to obtain. In similar cases, it usually involves email addresses but sometimes also phone numbers. Logitech does not specify the details themselves.
The company states that it does not expect any negative financial consequences, partly due to the cybersecurity insurance that Logitech maintains. This insurance covers the costs associated with the incident.
The criminals responsible call themselves Clop. They claim to have stolen 1.8 TB of data. The zero-day bug Logitech mentions is most likely the critical vulnerability in Oracle EBS, which the company has since patched.