APT targets big executive head hunter


Korn Ferry, the publicly traded executive head hunter, has announced that it was the target of a sophisticated cyber attack--the company categorized it as an APT, that is, an advanced persistent threat--by unknown assailants.

"Upon discovering this data security breach, the company took immediate steps to contain the impact of the breach and investigate its source."

Korn Ferry says it "aggressively responded to this intrusion, and with the assistance of a leading digital risk management and investigations firm, has taken actions to remediate the data security breach and further enhance the security of its global network."

The company says it continues to work closely with law enforcement on the attempted breach. The databases that were targeted were "not designed or structured to collect credit card, payment card, bank account, social security numbers, government identification numbers or health information," the company said.

Why would an overseas state actor go after a head hunter? One might think that the firm would be in possession of all kinds of personal data on a who's who of key executives, some of it quite proprietary. It's not clear how such information might be used, but that's beside the point really.

The other intriguing question is why the company went public with it. It obviously sees the attempted breach as material information. It might also be responding to threats by some entity to make the attack publicly known to portray the company in an unfavorable light. 

For more:
- here's the release