Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

Kaspersky blames “misconfiguration” after prospects obtain “expensive and beautiful” e mail • Graham Cluley

[ad_1]

Clients of Russian safety agency Kaspersky are understandably inquisitive about an e mail they obtained yesterday, seemingly from the agency, calling them “expensive and beautiful”.

A number of customers have posted on Kaspersky’s assist discussion board involved that the e-mail – which mentions their identify and e mail tackle – suggests an unauthorised celebration has been in a position to compromise Kaspersky’s programs to ship the e-mail.

Signal as much as our e-newsletter
Safety information, recommendation, and suggestions.

A few of the customers have identified that the e-mail was obtained at an e mail tackle that the e-mail was despatched to an tackle that they had “solely given to Kaspersky.”

Did Kaspersky actually select to ship an e mail to its prospects addressing them as “expensive and beautiful”? Had Kaspersky suffered a knowledge breach? Had a hacker discovered a method to ship messages to the safety firm’s buyer base?

A Kaspersky worker has supplied the next clarification:

Kaspersky is conscious that some customers of the corporate’s merchandise might have lately obtained emails from the corporate’s e mail tackle with irrelevant content material. This e mail was despatched following a misconfiguration within the firm’s inside IT setting. Kaspersky is reaching out to the corporate’s customers to tell them of the difficulty and apologize for the inconvenience induced.

So, Kaspersky is saying a “misconfiguration” is guilty. They aren’t saying the emails have been despatched in error. They’re additionally not debunking the worry some customers had that the emails have been despatched by an unauthorised celebration.

I imply, come on. A “misconfiguration” doesn’t trigger an e mail to be despatched like this. What could be extra correct could be to say {that a} goof has occurred – it might be that the e-mail was despatched in error by an worker, or that somebody has *exploited* a safety gap launched by carelessness.

Whether or not Kaspersky buyer particulars have fallen into the fingers of hackers is simply too early to say based mostly upon what the corporate has stated. However the unauthorised e mail blastout actually seems like some sort of safety breach.

Let’s hope Kaspersky shares extra data quickly.

Hat-tip: @touseef__

Discovered this text attention-grabbing? Observe Graham Cluley on Twitter to learn extra of the unique content material we publish.


Graham Cluley is a veteran of the anti-virus business having labored for a lot of safety corporations because the early Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an unbiased safety analyst, he commonly makes media appearances and is an worldwide public speaker on the subject of pc safety, hackers, and on-line privateness.

Observe him on Twitter at @gcluley, or drop him an e mail.



[ad_2]

Leave a Reply