© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

OmniVision informs authorities of security breach


OmniVision, a California-based manufacturer that designs and develops imaging sensors for digital imaging products such as smartphones and webcams, has disclosed that it was the victim of a ransomware attack.

The cyber attack took place last year, OmniVision says in a Breach Notification to the Department of Justice of the state of California.

On September 30 2023 the company noticed a security incident that resulted in ‘the encryption of certain systems by an unauthorized party’. In response OmniVision launched a comprehensive investigation alongside with third party cybersecurity experts and law enforcement. At the same time, the company implemented proactive measures to remove the assailants and ensure the security of its systems.

In-depth investigation, which was concluded on April 3 this year, revealed that hackers took personal information of an undisclosed number of clients between September 4 and September 30 2023. OmniVision doesn’t reveal what personal information from the company was stolen.

“Please know that protecting your personal information is something we take very seriously. We also took steps to reduce the likelihood of a similar incident occurring in the future, and we continue to make additional improvements that strengthen our cybersecurity protections”, OmniVision says in the notice addressed to Rob Bonta, Attorney General of the state of California. Victims are offered credit monitoring and identity restoration services for the next 24 months.

Threat actor Cactus claims responsibility for cyber attack

The Cactus ransomware gang is most likely responsible for the cyber attack. According to BleepingComputer, the members of the group claimed the attack in October 2023 and leaked some data samples, including passport scans, contracts, confidential documents and non-disclosure agreements. The threat actor eventually released all data it had stolen during the attack in a publicly available ZIP-file, which was free to download.

Cactus is a group of hackers that has been active since March 2023. According to cybersecurity experts, the gang has made more than a hundred victims since then, including French electronics company Schneider Electric and Dutch schoolbooks seller Iddink.

According to cybersecurity firm Kroll Cyber Intelligence, Cactus uses well-known tactics, techniques, procedures and custom scripts to disable security software and distribute ransomware. Initially, members of the group were able to gain access through vulnerabilities in Fortinet VPN devices.


Leave a Reply

Your email address will not be published. Required fields are marked