Cybersecurity giant and eight-time Gartner Magic Quadrant Leader for Network Firewalls, Palo Alto Networks, has suffered a data breach, which resulted in the exposure of the personal data of its current and former employees. According to Business Insider, who first broke the story based on information provided by an anonymous former employee, the compromised personal data includes the names, dates of birth and social security numbers of affected employees.
Palo Alto Networks, who has since admitted to the breach, said an external contractor inadvertently posted the information online due to “security errors”. This breach was detected way back in February this year, but the former employee had stated that it remained undetected for months, giving ample time for threat actors to misuse the data.
It is unclear where the details of affected employees had been leaked or whether their information had been shared or sold off on the dark web.
While the name of the company was not disclosed, it was reported that Palo Alto Networks has since terminated the contract with the company.
A spokesperson from the cybersecurity company told Business Insider, “We took immediate action to remove the data from public access and terminate the vendor relationship. We also promptly reported the incident to the appropriate authorities and the impacted individuals. We take the protection of our employees' information very seriously and have taken steps to prevent similar incidents from occurring in the future.”
This whole incident highlights the fact that even if an organisation has the latest security technologies in place to protect its data (which we’re sure Palo Alto Networks does indeed have), all it takes to ruin all that is a simple human error, and working with a less security-inclined company who has access to that data can leave the organisation exposed to such breaches.
We’re not sure how this will affect the reputation of a cybersecurity company like Palo Alto Networks, but it is sure to leave them red-faced and scrambling to contain the PR damage.