Zoho (ManageEngine) Data Breach
Zoho (ManageEngine) experienced a data breach that was reported on January 23, 2023. Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
Key Facts
- Organization
- Zoho (ManageEngine)
- Date Reported
- January 23, 2023
- Incident Type
- ransomware
- Industry
- Technology
- Severity Score
- 6/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding ransomware Incidents
Ransomware attacks encrypt organizational data and demand payment for recovery. They often involve data exfiltration before encryption, enabling double extortion. Organizations should maintain offline backups and incident response plans.