WESTLAKE, Texas– (BUSINESS WIRE)–defi SOLUTIONS, the leading provider of originations, servicing, and managed servicing software and services, is announcing today an unsuccessful hacking and extortion attempt by a known cybercriminal group.
The group, which according to the Cybersecurity Advisory (CSA) has targeted organizations in multiple U.S. critical infrastructure sectors since June 2022, contacted defi through emails and phone numbers from the company’s public-facing website and threatened to inform defi partners (also published on the company’s public-facing website), regulators, and others of the intrusion and to disseminate what they referred to as confidential information.
Over a month prior to the group’s contact, during a contemporaneous review of access logs, defi had discovered unauthorized access to legacy infrastructure that was in the process of being decommissioned and completely network segmented from all other defi commercial systems. That access resulted in the retrieval of certain legacy product documentation and possibly some other dated internal defi documents. defi took immediate steps to cut off the unauthorized access and to further isolate the compromised infrastructure. No sensitive defi information, client information, or consumer information was accessed. Given the limited nature of the accessed information, defi did not provide public notice of this intrusion.
The hackers have since followed through on threats and have begun contacting certain organizations, falsely claiming to have confidential information.
“This is nothing more than a bluff,” said Robert Olen, VP, Information Security, defi SOLUTIONS. “From what we see, there is no threat to defi, its employees, customers, partners or any consumers.”