Forrester, one of the most influential research and advisory firms was hacked

October 8, 2017  By Pierluigi Paganini


Forrester Research announced today that Forrester.com experienced a security breach this week, attackers were ultimately detected and shut out of the system

Forrester, one of the most influential research and advisory firms in the world, revealed on Friday to have suffered a security breach the past week.

The attackers broke into the infrastructure hosting the Forrester.com website, that is also used to allow customers download market research documents according to their contracts.

The advisory firm supports decision makers of its customers by providing trends, statistics, and other market research.

According to company’s Chief Business Technology Officer, Steven Peltzman, crooks stole valid Forrester.com login credentials that allowed them to take over the website.

“The hacker used that access to steal research reports made available to our clients,” Peltzman said.

“There is no evidence that confidential client data, financial information, or confidential employee data was accessed or exposed as part of the incident,” 

Forrester data breach

Hackers did not access confidential client data, financial information, or confidential employee.

Stolen data are anyway a precious commodity in the hands of cyber spies that can access sensitive information related to the customers’and projects.

“We recognize that hackers will attack attractive targets — in this case, our research IP. We also understand there is a tradeoff between making it easy for our clients to access our research and security measures,” said George F. Colony, Chairman and Chief Executive Officer of Forrester. “We feel that we have taken a common-sense approach to those two priorities; however, we will continuously look at that balance to respond to changing cybersecurity risk.”

Forrester is the major financial and business organization that suffered a data breach in the past month, recent victims in order of time are Equifax, Deloitte, and the US Securities and Exchange Commission (SEC).

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – cybercrime, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

HPE allowed Russians review the code of ArcSight software also used by the Pentagon

 HPE gave Russian gov access to review ArcSight software that is currently used by corporate and government entities worldwide,...