Cyber Breach: Customer Information Compromised in Phishing Attack Targeting Accounting Partner, Reports Framework

U.S. repairable laptop maker Framework has confirmed that hackers accessed customer data after successfully phishing an employee at its accounting service provider. In an email sent to affected customers, Framework said that an employee at Keating Consulting, its primary external accounting partner, fell victim to a social engineering attack that allowed malicious hackers to obtain customers’ personal information related to outstanding balances for Framework purchases. Framework told affected customers that hackers could use this stolen information to impersonate Framework to ask for payment information. The Silicon Valley-based accounting company, which primarily provides interim financial leadership and back-office support to startups, has almost 300 clients, according to its website. Framework said that in light of the incident at Keating, the company will require mandatory phishing and social engineering attack training for any of the company’s employees who have access to Framework customers’ information.

U.S. laptop manufacturer Framework has released a statement confirming that customer data has been compromised by hackers. The company revealed that the breach occurred after an employee at its accounting service provider fell victim to a successful phishing attempt. This news was shared with affected customers through an email from Framework.

The phishing attack specifically targeted Keating Consulting, an external accounting partner of Framework. The email sent by the attacker impersonated the company’s CEO and requested Accounts Receivable information related to outstanding balances for Framework purchases.

According to the email sent to impacted customers, the accountant responded to this request with a spreadsheet containing personal information, such as full names, email addresses, and balances owed. As a result, Framework warned that the stolen information could be used by hackers to impersonate the company and request payment information from customers.

Note: The compromised list mainly includes customers with open pre-orders, but some completed past orders were also included. It is unclear if any of Keating’s other clients were also affected by this data breach. Keating, which primarily provides services to startups, has yet to respond to inquiries about the incident.

The affected company reassured customers that immediate actions are being taken to prevent future breaches. Framework will now require mandatory training for all employees with access to customer information in an effort to combat phishing and social engineering attacks. The company also plans to evaluate and improve the procedures of all accounting and finance consultants who have had access to this data.

At this time, the number of impacted customers has not been disclosed. When contacted for further information, Framework has not been able to provide a response.

If you have any additional details or information regarding this incident, please contact Carly Page securely on Signal at +441536 853968 or via email at carly.page@techcrunch.com. As a news platform, TechCrunch also welcomes any information through SecureDrop. Thank you for helping us bring important news to light.