Data breach at Stormshield

Stormshield, a French company who is a leading provider of cybersecurity solutions for IT/OT sectors and cloud environments, has reported unauthorised access to its technical support ticket management system for customers and partners.

As a result of the cyberattack, some personal and technical data associated with Stormshield accounts may have been compromised. In response, the company has reset all passwords and implemented special security measures.

In addition, it is known that parts of the source code of the SNS (Stormshield Network Security) products have been leaked. As countermeasure, product updates have been released to replace the trusted certificate that signs and guarantees the integrity of the installed versions. So far, there is no evidence that the source code has been illegitimately modified.

Stormshield has now informed its affected customers and is conducting an investigation with authorities such as ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information). The incident has not affected the functioning of any product neither.