In August 2023, the Scattered Spider group exploited weak verification processes at a third-party help desk to access Clorox’s systems, leading to significant operational and financial damage. This incident highlights the importance of strict caller verification and robust third-party security controls to prevent social engineering attacks. #ScatteredSpider #Clorox
Key points
- Attackers impersonated employees and exploited lax verification to reset credentials and MFA.
- The breach resulted in approximately $380 million in damages, including operational disruptions and costs.
- Weak verification at outsourced help desks can increase enterprise risk due to broad privileged access.
- Best practices include enforcing out-of-band verification, approval thresholds, and automated telemetry.
- Contracts with vendors should mandate technical controls, audits, and regular social engineering simulations.
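The three controls in the last two points (out-of-band verification, an approval threshold for high-impact resets, and telemetry on every decision) can be enforced in the help-desk workflow itself. The following is an added illustration, not Clorox's or any vendor's actual process; the ticket numbers, user names and field layout are constructed for the example.

```python
"""Policy check for help-desk credential and MFA reset requests (added example,
not Clorox's or the vendor's process). It encodes the page's three practices:
out-of-band verification, an approval threshold for high-impact resets, and a
telemetry record for every decision."""
from dataclasses import dataclass

# Resetting both the password and the MFA factor is the takeover pattern the
# incident describes, so it is treated as high impact and needs a second approver.
HIGH_IMPACT = {"password", "mfa"}

@dataclass
class ResetRequest:
    ticket: str
    claimed_user: str           # identity the caller claims to be
    actions: frozenset          # subset of {"password", "mfa"}
    callback_verified: bool     # agent called back the number on file, not the inbound caller
    approver: str = ""          # second-person approval, if any
    privileged: bool = False    # account holds admin or broad privileged roles

def evaluate(req: ResetRequest) -> dict:
    """Return a telemetry event containing the decision and its reasons."""
    reasons = []
    # Out-of-band check: a reset is never granted on the inbound call alone.
    if not req.callback_verified:
        reasons.append("no out-of-band callback verification")
    # Approval threshold: full takeover (password + MFA) or a privileged account
    # needs a second approver regardless of how convincing the caller was.
    if (HIGH_IMPACT <= req.actions or req.privileged) and not req.approver:
        reasons.append("high-impact reset without second approver")
    return {
        "ticket": req.ticket,
        "user": req.claimed_user,
        "actions": sorted(req.actions),
        "decision": "deny" if reasons else "allow",
        "reasons": reasons,
    }

def denied_mfa_resets(events: list) -> list:
    """Telemetry feed: surface denied MFA resets for SOC review."""
    return [e for e in events if e["decision"] == "deny" and "mfa" in e["actions"]]

# Constructed sample requests (not real tickets or users).
SAMPLE = [
    ResetRequest("T-1001", "jdoe", frozenset({"password"}), True),
    ResetRequest("T-1002", "asmith", frozenset({"password", "mfa"}), False),
    ResetRequest("T-1003", "admin.ops", frozenset({"mfa"}), True, privileged=True),
    ResetRequest("T-1004", "bjones", frozenset({"password", "mfa"}), True, approver="lead1"),
]

if __name__ == "__main__":
    for event in (evaluate(r) for r in SAMPLE):
        print(event)
```

Every decision, allowed or denied, produces an event, so a burst of denied password-plus-MFA requests against one account is visible to the SOC rather than buried in a ticket queue.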
Read More: https://www.bleepingcomputer.com/news/security/can-i-have-a-new-password-please-the-400m-question/