
WASHINGTON (dpa-AFX) - On Christmas Eve, data-loss prevention company Cyberhaven's Google Chrome extension was hit by a cyberattack, exposing sensitive information of customers.
The attack started when an employee fell victim to a phishing attack and granted a malicious OAuth application called 'Privacy Policy Extension' access to the company's Chrome Web Store account.
After clicking on the link, which purported to come from the Chrome Web Store, the employee was taken through another authorization process, in which they granted access to malicious third-party applications.
'The employee had Google Advanced Protection enabled and had MFA covering his account. The employee did not receive an MFA prompt. The employee's Google credentials were not compromised,' Cyberhaven explained.
The hackers published a malicious version of the extension, numbered 24.10.4, to the Chrome Web Store, where it was available for download between December 25 and December 26.
The attack was detected by the company's security team on Christmas Day.
'I'm proud of how quickly our team reacted, with virtually everyone in the company interrupting their holiday plans to serve our customers, and acting with the transparency that is core to our company values,' CEO Howard Ting said.
'Our investigation has confirmed that no other Cyberhaven systems, including our CI/CD processes and code signing keys, were compromised,' Cyberhaven said.
Following the attack, the company has implemented several security measures to prevent similar attacks in the future.
Copyright(c) 2024 RTTNews.com. All Rights Reserved