A10 Networks confirms data breach after Play ransomware attack
California-based networking hardware maker A10 Networks has confirmed that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.
A10 Networks specializes in the manufacture of software and hardware application delivery controllers (ADC), identity management solutions and bandwidth management appliances, while also offering firewall and DDoS threat intelligence and mitigation services.
Its clients include Twitter, LinkedIn, Samsung, Uber, NTT Communications, Sony Pictures, Windows Azure, Xbox, Yahoo, Alibaba, China Mobile, Comcast, Deutsche Telekom, Softbank, GE Healthcare, GoDaddy and The Huffington Post.
In an 8-K filing filed earlier this week, the company says the security incident occurred on January 23, 2023, and lasted several hours before its IT team was able to stop the intrusion and contain the damage.
The company’s investigation determined that the threat actors were able to gain access to shared drives, deploy malware, and the compromised data related to human resources, finance, and legal functions.
Despite the successful network intrusion, the company says the security incident did not affect any of its products or solutions and could not affect its customers.
“Working with outside experts, the company contained the attack on its network and notified the appropriate law enforcement authorities of the incident,” the 8-K filing said.
“The company does not currently anticipate that this event will have a material impact on its operations.”
The Play ransomware gang added A10 Networks to its extortion site yesterday, threatening to leak the files it stole during Sunday’s breach.
The threat actors claim to be in possession of confidential files, including technical documentation, employee and customer documents, agreements and personal data.