Published on November 28th, 2019 📆 | 5328 Views ⚑0
Cybersecurity firm Palo Alto Networks hit by employee data breach
- Palo Alto Networks, the cybersecurity firm with a market cap of $22 billion, admitted it had been hit by a security breach.
- The breach saw past and present employees’ names, dates of birth and social security numbers shared online.
- The company, led by former SoftBank president Nikesh Arora, said it had terminated its contract with the third party responsible for the breach, but declined to disclose who it was.
- One victim told Business Insider they were “disappointed” Palo Alto Networks had decided not to name the party responsible for the breach.
- Click here for more BI Prime stories.
Palo Alto Networks, one of the world’s biggest cybersecurity companies, has admitted to suffering a data breach in which a number of past and present employees’ personal data was leaked online.
The multinational firm, led by former SoftBank president Nikesh Arora, serves around 60,000 organizations in over 150 countries and has a market cap of around $22 billion.
Business Insider was made aware of the breach by a former employee, who wished to remain anonymous
The company confirmed to us that personal information about seven current and former employees had been “inadvertently” posted online in February by an external contractor.
Business Insider understands individuals’ names, dates of birth and social security numbers were shared online by what Palo Alto Networks referred to as a “third-party vendor”, an external company providing a product or service which had access to their system. Palo Alto Networks declined to identify the third party but said it had terminated its contract with the company. The company also declined to say where the details had leaked.
A spokesman told Business Insider: “On February 2, we were made aware that information related to seven current and former employees was inadvertently posted by a third-party vendor on an external development community website.
“We took immediate action to remove the data from public access and terminate the vendor relationship. We also promptly reported the incident to the appropriate authorities and to the impacted individuals.
“We take the protection of our employees’ information very seriously and have taken steps to prevent similar incidents from occurring in the future.”
One victim, a former employee whose information was shared online, spoke to Business Insider on condition of anonymity. They said: “I couldn’t believe it. Of all the firms in the world to be hit by a breach, you would expect Palo Alto, one of the biggest cybersecurity companies in the world, to be able to keep on top of it.
“I’m disappointed they have decided to protect whoever was responsible for my information being put out there. Sure, they might not be working for them anymore – but who’s to say they won’t do something like this elsewhere?”