Dentsu has become the first major advertising network to be struck by the latest wave of cyber attacks following what the group has called a “security incident” within the Merkle network.
While details are still thin on the ground, and the group has yet to confirm how many people have been affected, Dentsu has admitted “certain files” have been taken from Merkle’s network containing information about clients, suppliers, and current and former employees.
Merkle has over 16,000 employees globally across more than 30 countries, including Europe and the Middle East, the Americas, and APAC, while clients include Samsung, Kimberly-Clark, Sony, Kellogg’s, and Volkswagen. It is not known which region has been affected.
In an email to staff, the company suggested that the compromised information includes bank and payroll details, salary, National Insurance numbers, and personal contact information.
In response to the attack, Dentsu says it has engaged third-party cyber incident response firms, notified law enforcement, and has started informing affected individuals in accordance with applicable laws.
The company has brought its systems back online and is fully operational. It is also offering a year of credit and dark-web monitoring services through Experian Identity Plus to affected employees.
Dentsu has since released a statement, which reads: “We identified unusual activity on a portion of Merkle’s network. Upon discovery, we immediately took action to respond by initiating our incident response protocols, taking some of our systems offline, out of precaution, and taking other steps to contain the activity.
“Third-party cyber incident response firms who have helped other companies in similar situations were engaged to assist, and law enforcement has been notified. We have brought systems back online and we are fully operational.
“The investigation identified that certain files were taken from Merkle’s network. A review of those files determined that they contained information relating to some clients, suppliers, and current and former employees. Although our investigation remains ongoing, we have begun the notification process in accordance with applicable law.”
While it is still too early to say who is behind the attack, Chancellor Rachel Reeves recently told ITV News that “hostile states like Russia” are behind some of the cyber attacks the UK has suffered in recent months.
Merkle current deal with Salesforce training provider RefugeeForce to help refugees – especially those fleeing Ukraine – to learn new digital skills woukld certainly make it a target.
RefugeeForce educates refugees and helps them start their Salesforce career through personalised programmes, with one-on-one mentorship, job coaching, and network expansion.
Even so, back in the 2017, when the NotPetya ransomware attack hit WPP among others, Dentsu insisted it had “an established global cyber security programme to assess and deploy approved vendor patches, to scan and manage vulnerabilities and deploy latest anti-virus definition across the enterprise”.
The company added: “This has put us in a strong position to respond and we will continue to prioritise our cyber security programme to ensure we are at the forefront of managing emerging threats.”
Related stories
Brands scramble for talent as fears grow over cyber war
M&S faces £300m hit as cyber attack fall-out continues
Ransomware fine fuels security warning to all UK firms
Govt wades in as Co-op and M&S cyber attacks escalate
Ransomware victims who pay up are nearly all hit again
UK firms braced for fresh wave of ransomware attacks
UK firms still in dark over new cyber security measures
Major brands warned over extortion after global attack
Be the first to comment on "Merkle data hit as Dentsu is rocked by ‘security incident’"