"Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach"

Laptop computer maker Framework has recently started notifying users that personal information was stolen in a data breach at its primary external accounting partner.  The California-based company said the incident occurred on Thursday, January 11, and was the result of a phishing attack targeting an employee at Keating Consulting.  The company noted that by impersonating the Framework CEO, the attackers requested Keating Consulting’s employee to provide “accounts receivable information pertaining to outstanding balances for Framework purchases.”  The employee responded to the email on January 11, sending the attackers a spreadsheet containing the full names, email addresses, and balances related to a subset of open pre-orders and some completed past orders.  Framework was made aware of the incident roughly half an hour after the response email was sent to the attackers, and Keating Consulting was informed of the error.  The company urges users to remain vigilant of any phishing attempts that might impersonate Framework to request payment information or to deliver malicious links.

SecurityWeek reports: "Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach"