Attackers gain access to Logitech via zero-day vulnerability
The manufacturer of computer peripherals Logitech experienced an IT security incident. Attackers were able to access internal data.
(Image: heise online / dmk)
Attackers gained access to the computer systems of Logitech International. According to the computer accessories manufacturer, they copied data from customers and employees.
Vulnerability now closed
This is stated in a current press release. The manufacturer currently assumes that the attackers broke into internal IT systems by successfully exploiting a zero-day security vulnerability in a third-party software platform and were able to copy data.
A zero-day vulnerability refers to a weakness for which there is no security patch at the time of an attack. Logitech assures that they have now closed the vulnerability via an update.
Data Loot
Those responsible state that the attackers had "likely" access to "limited" information from customers and employees. There are currently no further details on the specific scope and the copied content. However, Logitech rules out at this point that personal information such as ID numbers and credit card data are among them.
The IT security incident had no impact on the manufacturer's products, business operations, or manufacturing. The incident will be further investigated with the help of an external security firm. Logitech expects that cyber insurance will cover the costs incurred by the damage and forensic investigations.
The perpetrators
Videos by heise
Since the cybercriminals from Clop recently added Logitech to their list of victims, it is likely that they are behind the attack. It is assumed that they will now blackmail the manufacturer and use the stolen data as leverage for a ransom payment.
The Clop gang claims to have gained access to the IT systems of various manufacturers through a "critical" vulnerability (CVE-2025-61882) in Oracle E-Business Suite. The vulnerability was closed in October of this year.
(des)
