Third-party breach confirmed by Cylance

BlackBerry-owned cybersecurity firm Cylance has confirmed having its data compromised as a result of a "third-party platform" breach following a post by the threat actor dubbed "Sp1d3r" peddling the exfiltrated information for $750,000, BleepingComputer reports. Allegedly included in the trove of stolen data were 34 million Cylance customer and employee emails, as well as its customers', employees', and partners' personally identifiable information but the cybersecurity company emphasized that the breach only concerned marketing information used between 2015 and 2018, or before the BlackBerry acquisition, as well as did not impact its current clients. Other organizations confirmed to be impacted by the Snowflake breach include Ticketmaster, Santander Bank, and loan comparison site LendingTree's QuoteWizard subsidiary. JUNE 13 UPDATE: Statement from Cylance

"We are aware of a post on the ‘X’ platform reporting that a database for sale on the ‘Dark Web’ contains Cylance customer, partner and employee names and email addresses along with marketing data.

"While our investigation is ongoing, BlackBerry Cylance systems and products remain secure and are being closely monitored by our security operations team as part of our ongoing commitment to the security of our customers’ data.

"Based on our initial reviews of the data in question, no sensitive data is involved and we can confirm that no customer data related to the usage or operation of any of the products or services in the Cylance portfolio have been impacted. The data in question was accessed from a third-party platform independent of BlackBerry and appears to be from 2015-2018, predating BlackBerry’s acquisition of the Cylance product portfolio.

"We continue to monitor this situation closely and will take all necessary precautions to maintain the integrity of our products and systems and the trust of our customers."