BlackBerry investigates alleged Cylance data breach on dark web

BlackBerry is investigating a potential data breach involving its Cylance cybersecurity unit after reports emerged of data being offered for sale on the dark web. However, the company believes the data is old and does not originate from its systems.

Last week, Dark Web Informer revealed that a threat actor is attempting to sell data allegedly belonging to BlackBerry’s Cylance customers, partners, and employees for $750,000. The cybercriminals claim to possess 34 million customer and employee emails, personally identifiable information, sales prospects, and user and partner lists.

Cylance, an endpoint security company, was acquired by BlackBerry in 2019 for $1.4 billion. The purported data breach has prompted BlackBerry to conduct an investigation. Initial findings indicate that no current Cylance customers are impacted, and no sensitive information is involved. The company stated that the data in question was accessed from a third-party platform unrelated to BlackBerry and appears to be from 2015-2018, predating BlackBerry’s acquisition of Cylance.

BlackBerry emphasized that it is closely monitoring the situation and will take all necessary precautions to maintain the integrity of its products and systems and the trust of its customers. The company assured that there is no evidence of compromise to its systems related to customers, products, or operations.

Reports suggest that the Cylance data might have been obtained through the recent cyber campaign targeting the cloud data platform Snowflake customers. This campaign has affected numerous organizations, including high-profile companies like Ticketmaster, Anheuser-Busch, Allstate, Advance Auto Parts, Mitsubishi, Neiman Marcus, Progressive, Santander Bank, and State Farm. Mandiant reported on Monday that approximately 165 organizations have been affected by this campaign.