This week, the security company Transmit Security notified their customers that the firm had suffered a data breach. The breach included information for over one thousand accounts, including email addresses, passwords, phone numbers, and “other sensitive information” according to the researchers who discovered the breach. Transmit Security though denies that any passwords were impacted. According to a statement from Transmit Security and the information provided to them by the researcher, it appears that the attackers gained access to the NextCloud instance used by Transmit Security. NextCloud is a file sharing support system which is used by Transmit Security to distribute information to customers. According to the researcher who discovered the compromise, source code, binaries, and emailed communications were also compromised by the breach. Transmit Security claims that their source code was not leaked. Transmit Security also made sure to include that this only affected Transmit Security customers; clients of their customers were not affected.
Analyst Notes
There is currently some confusion between Transmit Security and the researcher who discovered the breach as to what all was affected in the breach. It is possible that this confusion could have been caused by either a misunderstanding of what data was being seen in the compromise or in the way that the attackers discussed the compromised data with the security researcher. No matter what information was compromised in the breach, this breach highlights the risks that any company is exposed to when working with other companies. Security can only be as strong as the other systems that are utilized. This is why utilizing strong unique passwords on every system and multi-factor authentication whenever possible are vital to security. Following a breach like this, there is typically an increase in attempts to compromise accounts by trying the same or similar passwords on multiple systems as well as an increase in attempts to phish users whose emails were discovered during the breach. More information can be found at https://www.vice.com/en_us/article/wxepb4/transmit-security-authentication-banks-hacked
