.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Know Your Breach: HTC Global Services
Dec 8, 2023 9:04:57 AM
The Target: HTC Global Services is a managed service provider offering technology and business services to the healthcare, automotive, manufacturing, and financial industries.
The Take: The leaked data includes passports, contact lists, emails, and confidential documents allegedly stolen during the attack.
The Vector: While little information about the attack on HTC is available, cybersecurity professional Kevin Beaumont believes the company was breached using the Citrix Bleed vulnerability. According to Beaumont, one of HTC's business units, CareTech, operated a vulnerable Citrix Netscaler device, which was exploited for initial access to the company's network.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
