Scania, a transport solution organization, has confirmed it faced a cybersecurity incident. The company has stated that the malicious actors leveraged compromised credentials to gain access to its Financial Services systems, allowing them to acquire insurance claim documents. The malicious actors have threatened to leak the online activity unless their demands are fulfilled.
Erich Kron, Security Awareness Advocate at KnowBe4, comments, “Stolen credentials continue to be a significant security concern and were used in this attack. This outlines the need for additional account security such as MFA to help protect accounts. While it’s not a perfect solution, MFA, especially the type that is phishing resistant, can improve account security greatly. This is important not only for internal accounts, but also for external vendors and those outside of the organization that may occasionally need access. Victims whose information was stolen should be on high alert for the potential of social engineering scams that may reference this data and use it against them.”
The organization states that breach’s impact was limited, and that privacy authorities have been notified regarding the incident.
