At the end of September, Shadow, the cloud service now owned by Octave Klaba (OVHCloud), was the target of a major computer attack. Hackers succeeded in stealing personal data belonging to the platform's customers, including their names, e-mail addresses, dates of birth, billing addresses and bank card expiry dates. However, Shadow is keen to reassure customers that passwords and sensitive banking information have remained intact and secure.
This sophisticated hack was carried out using a social engineering attack, targeting a Shadow employee on Discord. Unfortunately, the employee downloaded malware, disguised as a game available on Steam, offered by an acquaintance infected with the virus. Once inside Shadow's systems, the hacker used a stolen cookie to access the interface of one of the platform's SaaS providers, then extracted customer information via the API.
Shadow did not specify the exact number of customers affected by the data leak. In 2020, the platform had around 100,000 customers in France, and was aiming to reach 500,000 customers in Europe in 2021. By estimating an average impact rate of 10 % (the proportion of victims of a cyber attack among users of a service), we obtain a range of 10,000 to 50,000 Shadow customers affected by the hack. However, this is a rough estimate.
Shadow reacted quickly, taking steps to strengthen the security of its systems and suppliers by disabling the cookie used by the hacker. The company also apologised to its customers and urged them to activate two-factor authentication (2FA) and remain vigilant against phishing attempts.
The hack comes at a sensitive time for Shadow, which had just launched a new service aimed at students and professionals. It is also part of the Synfonium project, a future initiative to create a European cloud champion, bringing together companies such as Qwant, the privacy-focused search engine.
Leave feedback about this