There was a multi -step attack behind the burglary of Valio. Everything began with VPN IDs stolen from a software company employee from a personal computer.
Valio’s fractures stole VPN IDs from Vincit’s employee’s computer. Inka Soveri, Adobe Stock / AOP
Software company Vincit In the financial statement It is reported that the massive hacking in Valio in December originated from VPN IDs stolen via Vincit’s personal computer. The subject was first reported by BTI.
The symbols allow criminals to penetrate Vincit’s client’s closed network and utilize Vincit’s independent security vulnerability in the next step of the attack.
The Vincit announcement states that the company is extremely serious about the event chain. The company says it has done a thorough study in collaboration with security professionals and authorities and will further invest in developing security and risk management.
Valio’s burglary applies to the personal data of the insured person in the Valio pension fund.
– We have posted a letter to every person subject to the hack telling us which correspondence time has been exposed to the scraper. The information provided in the letter has not been taken over by the attacker, the CEO of the Valio Mutual Insurance Company and Valio Pension Case Jari Laaninen Said in Valio’s bulletin in January.