Mail delivery giant Pitney Bowes has become the latest victim of the Maze ransomware, just weeks after the gang hit US technology and digital transformation giant Cognizant.
The company has expanded from its franking machine business to be a major player in the e-commerce sector, working closely with Royal Mail. It has offices in the US, the UK, India and Japan and global sales of $3bn.
Pitney Bowes has confirmed the attack although has tried to down play how serious the incident is and has not revealed how much the attackers are demanding.
In a statement, the firm said: “Recently, we detected a security incident related to Maze ransomware. We are investigating the scope of the attack, specifically the type of data that had been accessed, which appears to be limited.
“At this point, there is no evidence of further unauthorised access to our IT systems. The investigation remains ongoing.”
The company said it worked with third-party security consultants to take steps to stop the attack before any of its data was encrypted.
However, Maze has provided what it claims is proof of access in the form of 11 screenshots portraying directory listings from inside the company’s computer network.
In April, the same gang took down systems at Cognizant, whose clients include Axa, BMW, Burger King, Pfizer, GlaxoSmithKiline, Etihad Airways, Johnson & Johnson, Novartis, and JP Morgan Chase.
Last month, the same group claimed they had attacked insurance giant Chubb and had stolen a large amount of personally identifiable information from its systems. In December last year the group also published a subset of data stolen from US manufacturer Southwire after it refused to cough up a $6m ransom.
For Pitney Bowes, the attack is even more embarrassing as it was also hit in October 2019 by a ransomware gang going under the name of Ryuk.
Ransomware car crash hits digital transformation giant
Half of UK firms would pay ransom to avoid GDPR fine
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks
TNT Express rocked as cyber attack wipes out $300m
WPP hit as new ransomware attack wreaks global havoc
UK firms ‘leaving themselves wide open to ransomware’