Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security

Clorox Security Breach Linked to Group Behind Casino Hacks (bloomberg.com) 23

A notorious group of hackers blamed for recent breaches on major casino companies is also suspected of being behind a recent cyberattack against Clorox that has led to a nationwide shortage of its cleaning products. Bloomberg News: Officials suspect that "Scattered Spider" is responsible for a breach that Clorox first disclosed in August, according to four people familiar with the situation, who asked not to be identified because the information isn't public. The same group, known for its so-called social engineering tactics, was tied to attacks on Caesars Entertainment and MGM Resorts International in recent weeks, Bloomberg News previously reported.

Scattered Spider hackers specialize in targeting call centers and IT help desks, impersonating employees to trick support staff into coughing up information to gain access to accounts. The fallout from their recent attacks has been profound. At MGM properties, guests couldn't charge purchases to their rooms, slot machines were shut down and reservation websites weren't working. The impact on Clorox was arguably much worse. The company didn't immediately respond to requests for comment. On Friday, Clorox indicated that it was still working to recover from the disruption. "We are ramping up production and working to restock trade inventories," the company said in a statement. "We are focusing on maximizing shipments and restocking trade inventories."

This discussion has been archived. No new comments can be posted.

Clorox Security Breach Linked to Group Behind Casino Hacks

Comments Filter:
  • Maybe (Score:5, Insightful)

    by RitchCraft ( 6454710 ) on Wednesday October 04, 2023 @03:06PM (#63900247)

    Maybe, just maybe, we consider going old school and get these systems disconnected from the Internet until a solution is found. I know, sounds crazy, but this shit is only going to get worse. Sneaker-net the information from these air-gapped systems when necessary. The benefits of having your data systems on the Internet have been completely voided at this point. It's only a matter of time before your company is the next victim.

  • virus (Score:5, Funny)

    by bugs2squash ( 1132591 ) on Wednesday October 04, 2023 @03:10PM (#63900259)
    Oh the irony if they infected Clorox with a virus to make their attack
  • ...Clorox indicated that it was still working to recover from the disruption. "We are ramping up production and working to restock trade inventories," the company said in a statement. "We are focusing on maximizing shipments and restocking trade inventories."

    Hmm...I don't think we've gotten quite enough clarity on trade inventories, so whom should we ask? The PR bot who wrote this, or the PR bot who wrote this...

  • There's no way to sanitize this, the breach left a stain that Clorox couldn't wipe out.

  • I didn't even realize that Clorox was an independent company, let alone publicly traded. I always assumed it was just a brand of Johnson & Johnson or something. Amusingly its value skyrocketed in 2020 while most others tanked.

    • Same here. All of those people wiping down surfaces during the covid pandemic were buying clorox products. lol

  • We can't allow our country to be blackmailed by foreign interests. Big government is always the solution to big problems. I am sure there are Congressmen who would love to host a large government construction project in their home state.
  • by Hoi Polloi ( 522990 ) on Thursday October 05, 2023 @09:47AM (#63902311) Journal

    We have an environment with millions of businesses and organizations, all with wildly varying levels of security know how, security concern, systems, etc. All you need are a few very skilled and determined criminal groups to prey on them to tear it up. It is like a big wolf let loose in a pen of lambs. There is no way to keep millions of independently managed systems secure from that sort of threat. Even worse is they are frequently interconnected so you only have to find the weakest point in the system (like a subcontractor allowed access to your network) to undo the security on the rest. At this point I have to wonder if looking at your most valuable assets and physically disconnecting them from the outside is the only truly secure option. Don't keep anything truly valuable on the outward facing systems. Unfortunately you still need to keep sensitive customer information on e-commerce sites to allow for purchasing.

  • by szo ( 7842 )

    Seculity Bleach?

  • Thank God for just in time production. Modern society shouldn't have to wait 15 minutes to figure out if they're going to get their delivery or not. Why have all that when you could have the convenience of one small disturbance, ruining your entire supply chain completely for months at a time? Redundancy is for morons. j/s

You know you've landed gear-up when it takes full power to taxi.

Working...