An unidentified threat actor recently listed software company Plume as a victim on a dark web forum, claiming that they stole several gigabytes of data from the company’s network.
Plume is a Palo Alto, California-based Software-as-a-Service (SaaS) company that provides self-optimising, smart WiFi services, visibility, and network control for Communications Service Providers (CSPs) and their subscribers, including personal households and small businesses.
Recently, Cybernews reported that a threat actor allegedly infiltrated Plume’s internal network and stole more than 20 GB of company data. The threat actor claimed in a post on a dark web forum that the stolen database contains around 15 million lines of information, including the sensitive details of mobile app users, customers and staff members.
According to the threat actor, the compromised data also includes email addresses, devices, carriers, first and last names, iOS and Android versions, and more.
While the authenticity of the threat actor’s claim is yet to be verified, Plume has acknowledged the reports of the security incident. “We are aware of the claim and our teams are investigating,” a Plume spokesperson told the media.
Commenting on the news, Javvad Malik, lead security awareness advocate at KnowBe4, said, “The alleged data breach at Plume is a significant concern, as it involves the potential compromise of a vast amount of user data. The organisation’s quick response in acknowledging the claims and initiating an investigation is commendable, as it demonstrates the seriousness with which they are approaching the situation.
“If the attackers have indeed accessed and downloaded gigabytes of user data, it could have severe implications for the privacy and security of Plume’s customers, staff members, and mobile app users. The compromised dataset may contain sensitive information that, if exposed or sold, could lead to identity theft, phishing attacks, or other forms of exploitation.
“Affected Plume users should remain vigilant and watch for any suspicious or unexpected communications. It is advisable for Plume to offer necessary support, such as guidance on monitoring for potential identity theft or providing credit monitoring services, to affected individuals. Additionally, Plume should take the opportunity to enhance their security practices to prevent similar incidents in the future.
“Overall, incidents like these are stark reminders of the evolving cyber threat landscape and the importance of ongoing diligence in safeguarding user data. Organisations must remain proactive and continually evolve their security measures to stay ahead of potential attackers,” Malik added.