Hackers claim to have hit BlackBerry Cylance and The New York Times in separate, unrelated incidents, but only the New York Times hack may be significant, as BlackBerry officials say that data purporting to be from their company appears to be several years old and out of date. Data from both incidents have been put up for sale on the dark web.
The New York Times confirmed that its code base was hacked on GitHub, while Blackberry may have been the victim of an old third-party data breach dating from before its acquisition of Cylance.
Cylance Breach Claims Disputed By BlackBerry
Claims of the Cylance breach were posted on BreachForums by a poster who goes by Sp1d3r and discussed on X and Reddit, among other places.
The poster claims to have data from Cylance customers, partners and employees, and 34 million customer and employee emails.
The seller is asking $750,000 and claims to have:
- Customer and prospect email and personally identifiable information
- Products used by organizations
- Sales prospects list with activity status
- Cylance partners list
- Cylance users list
The seller posted a list of the data sets in their possession, which looks like it could be from a CRM database:
In a statement to The Cyber Express, BlackBerry Cylance said its investigation is ongoing, but “BlackBerry Cylance systems and products remain secure and are being closely monitored by our security operations team as part of our ongoing commitment to the security of our customers’ data. Based on our investigation to date, we do not believe that BlackBerry data and systems related to our customers, products, and operations have been compromised.”
The company’s initial reviews of the data in question suggest that “no current Cylance customers are impacted, and no sensitive information is involved. The data in question was accessed from a third-party platform unrelated to BlackBerry and appears to be from 2015-2018, predating BlackBerry’s acquisition of the Cylance product portfolio.”
“We continue to monitor this situation closely and will take all necessary precautions to maintain the integrity of our products and systems and the trust of our customers.”
New York Times Source Code Hacked on GitHub
News of the New York Times data breach was initially reported by vx-underground, which said someone on 4chan had leaked 270GB of source code belong to the newspaper. The poster claimed the Times has more than 5,000 source code repositories, and less than 30 are encrypted. The data included 3.6 million files in all.
While the hacked data appears to include IT documentation and source code, the organization reported that its corporate systems and operations are unaffected.
In a statement to The Cyber Express, a New York Times spokesman said, “The underlying event related to last week’s posting occurred in January 2024 when a credential to a cloud-based third-party code platform was inadvertently made available. The issue was quickly identified and we took appropriate measures in response at the time. There is no indication of unauthorized access to Times-owned systems nor impact to our operations related to this event. Our security measures include continuous monitoring for anomalous activity.”
