Zscaler Races to Control Narrative Amid Rumours of Hack

Cloud security company Zscaler has been scrambling to get the narrative straight following news of an alleged hack on its system on 8th May

News of an attack on one of the world’s largest cybersecurity companies first swirled on a popular cybercrime forum. 

Rumours began after a notorious hacker called IntelBroker posted how he was “selling access” to a company later confirmed to be Zscaler for US$20,000. 

Zscaler is one of the largest cloud security providers, with over 6,000 customers globally. 

In a blog responding to a post on X talking of the alleged breach, the company posted a update the same day announcing that it was launching an investigation. This announcement saw its shares fall more than 4% on the NASDAQ. 

What was allegedly affected?

The alleged files accessed included “confidential and highly critical logs packed with credentials,” SMTP access, SSL certificates, and other sensitive data. 

In the US, public companies are obliged to follow certain reporting requirements from bodies like the SEC that ask details of cyber breaches to be filed within four days of identifying that it has a material impact.

Hours later, Zscaler followed up their initial statement claiming their investigation has not found evidence of a breach. 

The company later provided an update stating that it discovered an “isolated test environment on a single server (without any customer data) which was exposed to the internet.” 

Although downplaying the importance, and not specifically mentioning if there was a breach, Zscaler stressed the test environment was not hosted on their infrastructure and had no connectivity to Zscaler’s environments. 

Testing times 

Test environments are isolated computer systems specifically designed to mimic real-world security setup but without any customer data. This allows testing and refining of security tools and procedures in a safe space, ensuring any vulnerabilities don't affect their production systems. 

Although potential exposure of a test environment may not affect any data breaches, exposed systems could reveal security weaknesses hackers could exploit in real systems and can even sometimes offer insights into security setup, tools, and even unreleased features.

Zscaler said this test environment was taken offline for forensic analysis but reiterated that no company, customer, or production systems were impacted.

The cybersecurity company later stated they had enlisted a “reputable incident response firm” to initiate an independent investigation whilst they “continue to monitor the situation” before reiterating on 10th May that there was “no impact or compromise” to customer, production and corporate environments.

An independent third party incident response firm continues to work on forensics analysis of the quarantined test environment.

The alleged breach, even if ultimately proved to be contained to a test environment, raises concerns for Zscaler's reputation as a leading cybersecurity provider. 

IntelBroker, had also claimed to have hacked Hewlett Packard Enterprise in February, which the company had also initially denied but later admitted that a test environment was breached.


Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024


Cyber Magazine is a BizClik brand


Featured Articles

Why CISOs Remain Crucial in the Age of Rampant Ransomware

As ransomware attacks escalate, the CISO has emerged as an indispensable guardian for the cybersecurity of companies

Q&A: Protiviti's Sameer Ansari on CISOs' Growing Challenges

Managing Director - Global Cybersecurity and Privacy Lead at Protiviti, Sameer Ansari discusses his views on the growing challenges CISOs now face

How Partnerships Proved Pivotal for UnitedHealth After Hack

When hackers hit UnitedHealth subsidiary Change Healthcare with a huge cyber attack, its partnership with Vyne Dental proved pivotal in managing fallout.

Transforming Cybersecurity: IBM & Palo Alto's AI Integration

Technology & AI

C-suite Indifference to Cyber Could Cost Business £145k

Operational Security

Why Avast Warn of Social Engineering in Cybersecurity

Operational Security