On Monday May 4, 2020, Pitney Bowes was the target of a ransomware attack – Maze. Our security protocols and tools identified and stopped the attackers before they were able to encrypt any data or services; however, a limited set of corporate file share data was exfiltrated. Pitney Bowes products and services remained operational and were unaffected by the attack.
At this point we see no evidence of further unauthorized access to our IT systems. In consultation with our third-party security advisors, we have seen no evidence that the malware can be propagated to any client or partner systems.
What does it mean for Global Ecommerce clients?
- At this time there is no evidence that the attackers gained access to consumer personal information, payment information or any transactional data from our products and services
- The attackers accessed a limited set of corporate file share data used by our teams to conduct business-related activities, including invoicing and performance analysis. The exposed data was limited to some of our cross-border and marketplace clients. At this time, there is no evidence that the attackers gained access to any other client data.
- We are doing enhanced monitoring and detailed forensic work to ensure that we have identified the full universe of data.
Pitney Bowes internal resources continue to work with our security partner (IBM IRIS) to finalize the forensic analysis on the attack. We are sharing information with law enforcement with expertise in Maze ransomware, and we can make the malware hashes and IOC’s available to your security team as they become finalized.
Check pitneybowes.com for more information.