Security Incident Update


Recently, we detected a security incident related to a ransomware attack.  We are investigating the scope of the attack, specifically the type of data that had been accessed, which appears to be limited.  Working with our third-party security consultants, we immediately took critical steps to thwart the attack before data could be encrypted.  At this point, there is no evidence of further unauthorized access to our IT systems.  The investigation remains ongoing.


What happened


• On Monday May 4, 2020 Pitney Bowes was the target of a ransomware attack.

• Pitney Bowes products and services remained operational and were unaffected by the attack.

• Our security team and tools identified and stopped the attackers before they were able to encrypt any data or services.

• However, the attackers did manage to gain access to a limited set of corporate file shares. These file shares contained information used by our business teams and functional groups to conduct business-related activities.


What we are doing


• We are doing enhanced monitoring and detailed forensic work, to ensure that we have identified the full universe of data.

• In consultation with our third-party security advisors, we also have seen no evidence that the malware can be propagated to any client or partner systems. 

• Due to Pitney Bowes security controls and alerts, the ransomware attack was stopped before any information could be encrypted, including further protections through use of tools and processes, such as

• End point detection and response advanced threat protection tooling, which identified the malicious behavior and prevented the encryption malware from executing.

• Privileged Account Access management solution, which requires dual factor authentication and single use passwords.

• Security Incident and Event operations allowed us to quickly identify the attack and effectively minimize the time between intrusion and detection/response.

• At this point we see no evidence of further unauthorized access to our IT systems. 

• Pitney Bowes is sharing information with law enforcement with expertise in ransomware.

• Pitney Bowes internal resources continue to work with our security partner (IBM IRIS) to finalize the forensic analysis on the attack.