French technology company Shadow has confirmed a data breach involving personal customer information.
The Paris-based startup, which offers games through its cloud-based PC service, said in an email to its customers this week that hackers had accessed their personal information after a successful social engineering attack. aimed at the company.
“In late September, we were the victim of a social engineering attack targeting one of our employees,” Shadow CEO Eric Sèle said in the email seen by TechCrunch. “This highly sophisticated attack began on the Discord platform with the download of malware under the cover of a game on the Steam platform, proposed by an acquaintance of our employee, himself a victim of the same attack.”
Shadow said that although its security team took unspecified “immediate action,” hackers were able to connect to the management interface of one of the company’s software-as-a-service (SaaS) providers to obtain private customer data.
That data includes full names, email addresses, dates of birth, billing addresses, and credit card expiration dates. Shadow says no passwords or sensitive banking details were breached.
An individual who posted on a popular hacking forum on Wednesday claiming responsibility for the Shadow breach said they are selling the stolen database, which allegedly contains the personal data of more than 530,000 Shadow customers. The individual said they were selling the alleged data after claiming the company ignored it.
Shadow spokesperson Thomas Beaufils confirmed the authenticity of the email the company sent to customers, but declined to comment further or respond to TechCrunch’s questions. Shadow declined to name the software-as-a-service provider when asked by TechCrunch or say whether it knows how many Shadow customers are affected, but the spokesperson did not dispute the hacker’s claims when asked.
Shadow’s email to customers, which has not yet been shared on any of the company’s websites or social media channels as of this writing, says the company has “reinforced the security protocols” it uses. with its suppliers and has updated internal systems to “make compromised workstations harmless.”
The company advises customers to be wary of emails that appear suspicious and to set up multi-factor authentication on their accounts.