Cleo (Multiple Products) Data Breach
Cleo (Multiple Products) experienced a data breach that was reported on December 17, 2024. Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrar
Key Facts
- Organization
- Cleo (Multiple Products)
- Date Reported
- December 17, 2024
- Incident Type
- ransomware
- Industry
- Technology
- Severity Score
- 6/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding ransomware Incidents
Ransomware attacks encrypt organizational data and demand payment for recovery. They often involve data exfiltration before encryption, enabling double extortion. Organizations should maintain offline backups and incident response plans.