Chinese hackers breached the network of Pulse Secure, a VPN provider owned by software company Ivanti, in February 2021, according to new reporting from Bloomberg.
The attackers reportedly took advantage of existing vulnerabilities in Pulse Secure’s VPN software to install a backdoor. Bloomberg, citing Ivanti’s former chief security officer and other sources, said the backdoor gave hackers access to 119 other organizations that used the same VPN product. Those organizations were not named.
Cybersecurity firm Mandiant was also said to be aware of the breaches. According to the report, Mandiant warned Ivanti that hackers had used the vulnerability to break into European and US military contractors.
The incident had not been publicly reported before. Bloomberg’s investigation describes it as part of a broader pattern tied to private equity ownership. After Clearlake Capital Group acquired Ivanti in 2017, the company reportedly went through several rounds of cost-cutting, especially in 2022. Bloomberg said those layoffs affected employees with deep knowledge of Ivanti’s products and their security systems.
Ivanti disputed key parts of the report. Company spokesperson Carrie Laudie said there was never a backdoor planted by hackers in its Connect Secure product.
Mandiant did not respond to requests for comment.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
