Cushman & Wakefield Confirms Data Breach After Vishing Attack
Cushman & Wakefield has confirmed a data breach following a vishing attack, with both ShinyHunters and Qilin claiming responsibility for the incident.
Real estate giant Cushman & Wakefield has confirmed that it is investigating a data breach following separate extortion threats from the ShinyHunters and Qilin cybercrime groups. The company has activated its incident response protocols to manage the situation and assess the extent of the unauthorized access.
The incident reportedly involved a vishing (voice phishing) attack, which the threat actors likely used to gain initial access to the company's systems. Both groups have claimed responsibility for the attack, suggesting that the company's sensitive data may have been compromised and could be at risk of being leaked or sold.
Cushman & Wakefield is working with external cybersecurity experts to investigate the breach and secure its infrastructure. The company has not yet disclosed the full scope of the affected data, but it is taking steps to notify potentially impacted parties and strengthen its defenses against further attacks. [The Register Security]