Logitech confirms attack. Customer and employee data at risk after Oracle vulnerability

Logitech, one of the leading manufacturers of peripherals, has joined the growing list of victims of cybercrime group Clop. The company has confirmed that it was the victim of a hack enabled by a zero-day vulnerability in software provided by an external company. The incident is part of a wider campaign of supply chain attacks targeting users of the popular business suite.

The source of the problem turned out to be a critical vulnerability in the Oracle E-Business Suite (EBS) software used by Logitech. Hackers from the Clop group identified and exploited the bug before Oracle had time to patch it. Although Logitech implemented the required patch as soon as it was made available, it turned out that it was too late to respond – the attackers had managed to infiltrate the systems and exfiltrate the data.

The company acknowledges that information has been stolen, but seeks to tone down concerns. According to the official position, the leak is likely to relate to “limited information” about employees, customers and suppliers. Logitech stresses that at this stage of the investigation, there is no evidence that sensitive data such as ID numbers or credit card details have fallen into the hands of criminals. However, it is unclear exactly what data set was compromised; similar cases often involve email addresses and phone numbers.

The Clop group, known for its high-profile attacks (including on MOVEit software), has publicly admitted to the hack and claims to be in possession of as much as 1.8TB of manufacturer data.

Despite the seriousness of the incident, Logitech does not expect the intrusion to have a material negative impact on its financial results. The company’s management has advised that the costs associated with the response to the incident and its aftermath should be fully covered by its cyber insurance.