Information on an IT security incident

Information on an IT security incident

Yesterday, a press article mentioned a cyberattack concerning Econocom.

To clarify what happened, the group would like to state that it was indeed the subject of a security attack on part of its own infrastructures in autumn.

Econocom’s teams of specialists, supported by IT security experts, quickly ascertained that the infrastructures of Econocom’s clients were unaffected by this attack.

The day straight after the attack, the incident was declared to the relevant French authorities (CNIL, ANSSI, CERT) and the police.

These authorities were then informed of the attack’s characteristics and the solutions used to rectify the situation, mainly to provide an account that could help other firms affected by such attacks. Discussions were also held with France’s financial markets regulator, AMF.

Given the negligible impact this attack had on our business and the desire of the authorities involved in the investigation to keep the details about it confidential, Econocom consciously and unapologetically decided to directly inform only those concerned by the incident.

Further information on 17 January 2021

Econocom specifies that the data breach revealed by the press article was not detectable prior to publication.