LANDESK, a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information. But LANDESK employees contacted by this author say the breach may go far deeper for the company and its customers.
The South Jordan, Utah-based LANDESK makes and markets software that helps organizations manage all users, platforms and devices from a single digital dashboard. The company’s software specializes in automating and integrating IT systems management, endpoint security management, service management, IT asset management, and mobile device management.
On Nov. 18, 2015, LANDESK sent a letter to current and former employees warning of an intrusion, stating that “it is possible that, through this compromise, hackers obtained personal information, including names and Social Security numbers, of some LANDESK employees and former Wavelink employees.”
LANDESK declined to answer questions for this story. But the company did share a written statement that mirrors much of the text in the letter sent to affected employees:
“We recently became aware of some unusual activity on our systems and immediately initiated safeguards as a precaution and began an investigation. As part of our ongoing investigation in partnership with a leading computer forensics firm, we recently learned that a small amount of personally identifiable information for a limited number of our employees may have been accessible during the breach. While no data compromises of personally identifiable information are confirmed at this point, we have reached out with information and security resources to individuals who may have been affected. The security of our networks is our top priority and we are acting accordingly.”
“The few employees who may have been affected were notified promptly, and at this point the impact appears to be quite small.”
According to a LANDESK employee who spoke on condition of anonymity, the breach was discovered quite recently, but system logs show the attackers first broke into LANDESK’s network 17 months ago, in June 2014.
The employee, we’ll call him “John,” said the company only noticed the intrusion when several co-workers started complaining of slow Internet speeds. A LANDESK software developer later found that someone in the IT department had been logging into his build server, so he asked them about it. The IT department said it knew nothing of the issue. Continue reading