Optimizely Data Breach Highlights Risks of Social Engineering in Ad Tech
New York-based ad tech firm Optimizely suffered a data breach after falling victim to a voice phishing (vishing) attack, compromising customer data and underscoring the risks of social engineering in supply chains.
Affected
The breach occurred due to a vishing attack, where threat actors exploited human vulnerabilities rather than technical flaws. This highlights the growing reliance of cybercriminals on social engineering tactics to infiltrate organizations. Optimizely's case is significant because ad tech companies often handle vast amounts of sensitive user data, making them attractive targets. The attack demonstrates how even seemingly secure organizations can be compromised through employee manipulation. Defenders should prioritize training employees to recognize vishing attempts, implement multi-factor authentication for critical systems, and monitor for unusual account activities. This incident also underscores the need for stricter vendor security practices in supply chains, as breaches in third-party services can have cascading effects on customers.
Sources