The data breach incident was first detected on the morning of March 29, 2023, when employees were unable to access files in the firm’s shared drives. - Photo Illustration: Reuters
CH Offshore is an owner-operator and ship manager of support vessels in the offshore marine oil and gas sector. Suspicious remote virtual private network connections were also detected, suggesting that hackers had gained access to CH Offshore’s network through two VPN connections – one belonging to an employee and the other to an outsourced IT vendor.
About 2.38TB of data was transferred through the suspicious VPN connections, which included personal data of former employees as well as board directors and stakeholders. Examples it cited included the lack of multi-factor authentication for VPN log-ins, and its firewall firmware, which had not been updated since December 2021.