Entrust is a security company specializing in online trust and identity management, providing various services such as encrypted communications, secure digital payments, and ID issuance solutions.
This attack could have ramifications for many critical and sensitive organizations that use Entrust for identity management and authentication, depending on the stolen data.
The compromised organizations include US government agencies, such as
- The Department of Energy,
- The Department of Homeland Security,
- The Department of the Treasury,
- The Department of Health & Human Services,
- The Department of Veterans Affairs,
- The Department of Agriculture, and many more.
Entrust was breached on June 18th, according to BleepingComputer, and hackers stole corporate data during the cyberattack.
On July 6th, security researcher Dominic Alvieri tweeted a screenshot of a security notice sent to Entrust’s customers, confirming the breach.
Source: bleepingcomputer.com, Ziroh Alert (#ZirohAlert)