Optimizely Ad Tech Company Hit by Cyberattack: Data Security Concerns Rise

Post Views: 14

Ad Tech Firm Falls Victim to Sophisticated Vishing Attack

A recent cyberattack targeted Optimizely, a digital experience platform provider, in a sophisticated voice phishing (vishing) scheme. The incident, which was immediately contained, involved unauthorized access to certain internal business systems.

Scope of the Breach

According to the company, the attackers were unable to escalate privileges, install software, or create backdoors within the Optimizely environment.

The breach was confined to specific internal systems, including Zendesk, Salesforce CRM records, and a limited set of internal documents used for back-office operations. Business contact information was accessed by the attackers, but Optimizely claims to have found no evidence of sensitive customer data or personal information being compromised.

Response and Investigation

Optimizely has engaged law enforcement and third-party cybersecurity experts to aid in the investigation. The company is prioritizing transparency with its customers and partners, providing updates and individual guidance directly.

Although the threat actor behind the attack has not been named, the incident’s characteristics suggest a possible link to the notorious ShinyHunters extortion group.

“The company’s swift response and containment of the breach demonstrate its commitment to protecting customer data and maintaining the integrity of its systems.” – Optimizely

Impact and Aftermath

Optimizely, which operates 21 offices worldwide and provides services to over 10,000 businesses, including prominent clients such as H&M, PayPal, Toyota, Vodafone, and Zoom, has assured that the incident did not disrupt its operations.

As the investigation continues, Optimizely remains focused on providing support to its customers and partners affected by the incident.