Forrester, one of the most influential research and advisory firms in the world, revealed on Friday to have suffered a security breach the past week.
The attackers broke into the infrastructure hosting the Forrester.com website, that is also used to allow customers download market research documents according to their contracts.
The advisory firm supports decision makers of its customers by providing trends, statistics, and other market research.
According to company’s Chief Business Technology Officer, Steven Peltzman, crooks stole valid Forrester.com login credentials that allowed them to take over the website.
“The hacker used that access to steal research reports made available to our clients,” Peltzman said.
“There is no evidence that confidential client data, financial information, or confidential employee data was accessed or exposed as part of the incident,”
Hackers did not access confidential client data, financial information, or confidential employee.
Stolen data are anyway a precious commodity in the hands of cyber spies that can access sensitive information related to the customers’and projects.
“We recognize that hackers will attack attractive targets — in this case, our research IP. We also understand there is a tradeoff between making it easy for our clients to access our research and security measures,” said George F. Colony, Chairman and Chief Executive Officer of Forrester. “We feel that we have taken a common-sense approach to those two priorities; however, we will continuously look at that balance to respond to changing cybersecurity risk.”
Forrester is the major financial and business organization that suffered a data breach in the past month, recent victims in order of time are Equifax, Deloitte, and the US Securities and Exchange Commission (SEC).
(Security Affairs – cybercrime, data breach)