Florida-based IT management software provider ConnectWise has disclosed the compromise of its ScreenConnect cloud infrastructure in a suspected state-sponsored cyberattack, CRN reports.
Only a few organizations using ScreenConnect were impacted by the incident, which has since been resolved with immediate patching efforts, as well as the adoption of more robust monitoring and security mechanisms, according to ConnectWise. Additional details regarding the timeline and extent of the data breach were not provided. However, a source close to the matter emphasized that malicious activity has been successfully mitigated by the fixes implemented by ConnectWise, which was also noted to be continuously evaluating and improving the security of its offerings. Such an incident was regarded by VXIT co-founder Paul Vedder to highlight the security risks faced by managed software providers. "Nothing is 100 percent safe and that's just reality. I hope incidents like this send a strong reminder to other vendors to focus on what they can do to protect themselves, their customers (us MSPs) and most importantly, the MSPs' end users," said Vedder.
Only a few organizations using ScreenConnect were impacted by the incident, which has since been resolved with immediate patching efforts, as well as the adoption of more robust monitoring and security mechanisms, according to ConnectWise. Additional details regarding the timeline and extent of the data breach were not provided. However, a source close to the matter emphasized that malicious activity has been successfully mitigated by the fixes implemented by ConnectWise, which was also noted to be continuously evaluating and improving the security of its offerings. Such an incident was regarded by VXIT co-founder Paul Vedder to highlight the security risks faced by managed software providers. "Nothing is 100 percent safe and that's just reality. I hope incidents like this send a strong reminder to other vendors to focus on what they can do to protect themselves, their customers (us MSPs) and most importantly, the MSPs' end users," said Vedder.
