Commvault experienced a significant cybersecurity breach due to the actions of a Chinese hacker group known as Silk Typhoon, which accessed its enterprise cloud systems and targeted customers' application secrets. CISA issued a joint advisory, revealing that this incident may link to a larger campaign against various SaaS companies. Microsoft alerted Commvault about unauthorized access attributable to a 'nation-state threat actor.' The company clarified that while a small number of their mutual customers were affected, there was no unauthorized access to customer backup data.
Silk Typhoon, a Chinese hacking unit, has targeted Commvault, accessing enterprise cloud systems and customer application secrets, according to reports.
CISA believes this hacking activity might be part of a broader campaign aiming at SaaS companies, exploiting default configurations and elevated permissions.
Collection
[
|
...
]