Putting a major webmail hosting provider back in control following a serious security breach
When a major webmail hosting provider contacted us to report a security breach on its platform, we understood immediately how serious the situation was. For any company providing webmail services, having to let customers know that security has been compromised could severely damage the brand.
The call came through outside normal office hours. Within one hour we convened a conference call to allow the client to give specialist consultants a full briefing and get initial advice. Then, we despatched a team of consultants who travelled through the night to arrive on site and start the investigation. We confirmed that the malware on the platform could allow the cyber attackers to extract encrypted passwords on mailboxes. Fortunately, we found no evidence to confirm that this had happened.
We identified the main reason for the security breach (outdated software), identified the locations of the malware and gave the client the information needed to remove it and re-start services safely. We also found weaknesses on their systems and advised them how to address these and strengthen protection.
Our speed of response in providing initial advice and then placing consultants on site meant that we significantly reduced the risk of data being compromised. Our work gave our client a clear picture of the breach and its implications so that the company could inform customers quickly and get a secure service up and running without delay.
If your business needs help to respond to, recover and investigate cyber incidents, talk to one of our CSIR experts today or learn more about our Cyber Security Incident Response service.