Qualcomm has suffered a cybersecurity issue impacting the security of its visitor check-in system.
The tech giant has begun notifying impacted individuals of the issue in a privacy notice which reads, “Last week on January 15 we became aware of an issue affecting the security of Qualcomm’s visitor check-in system.”
Impacted individuals include people who would have previously visited one or more of Qualcomm’s offices and used the visitor check-in system.
The attack left impacted users’ information exposed to unauthorised access. Information such as an individual’s contact and employer information, citizenship, and the date, time, and purpose of their visit has been exposed.
Credit card information, government identifiers, or birthdates were not exposed as part of the attack, posing no significant risk to identity theft, as per Qualcomm’s privacy notice.
However, since a user’s contact information was exposed, they may be facing a risk of phishing.
According to Qualcomm’s FAQ page on the issue, cyberattackers leveraged a remote-code execution vulnerability in its QVisit application to access the servers that host the application.
This allowed them to download and run additional software providing them login access to the compromised system.
“Analysis of the systems and available logs do not indicate the attackers took any further actions in the application or on the system,” as per the FAQ page.
“We have completed a rebuild of the impacted QVisit application and associated infrastructure to ensure the intrusion was contained and further access is prevented. We have also added additional cybersecurity monitoring to detect any future intrusion attempts. The intrusion has been reported to the federal authorities and we are notifying impacted individuals,” it said on the FAQ page.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.