ARN

Epicor Software hit by cyber attack

Stressed that customer data hosted in its cloud solutions was not affected

Business software provider Epicor has become the latest vendor to be hacked as a wave of cyber attacks rocks the technology industry. 

Epicor admitted that a portion of its network had been breached at an unspecified time, and that it was now investigating it. The company stressed that its business operations and customer data hosted in its cloud solutions were unaffected by the breach. 

In a statement, Epicor CEO Steve Murphy said it was working with an “industry-leading” cyber security firm to uncover the breach and that the investigation remains ongoing as of 9 December. 

“We understand this may raise questions and concerns, and we are working diligently to gather accurate information. In the meantime, we can tell you that the business operations of Epicor have not been impacted, nor were the cloud solutions and data we host for our customers impacted in any way,” he said.  

“Our team is fully adhering to all regulatory requirements and we will continue to be in communication with you on this matter." 

The statement comes as security giant FireEye also admits to being a victim of a cyber attack from a “nation-state” hacking group. 

According to FireEye, a "highly sophisticated threat actor" accessed its internal network and stole several “red team tools”, used to imitate real-world attacks and test customers’ networks.  

CEO Kevin Mandia said the attack was different from the “tens of thousands of incidents” FireEye has responded to over the years.  

“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” he said in the post. 

On the same day, it was revealed that Taiwanese electronics giant Foxconn was hit by an ransomware attack which saw the perpetrators demand $34.7 million in Bitcoin. According to US website Bleeping Computer, cyber criminals infiltrated Foxconn’s networks on November 29, stealing and encrypting files and deleting data from servers at the company’s Mexican operation.