Thursday, February 27, 2025
HomeData BreachLeading research and advisory firms Forrester was hacked

Leading research and advisory firms Forrester was hacked

Published on

SIEM as a Service

Follow Us on Google News

Forrester the most leading research and advisory firm in the world announced that Forrester.com experienced a Security Breach last Friday.

Hackers defaced into their website(Forrester.com) and download research reports that are made available for their clients.The advisory firm supports decision makers of its customers by giving patterns, statistics, and other market analysis.

Steven Peltzman, Forrester’s Chief Business Technology Officer, says the attacker stole valid user credentials that gave him access to Forrester.com accounts. Preliminary forensic evidence suggests that the hacker was ultimately detected and shut out of the system; remediation steps were taken.

It’s unique insights are grounded in annual surveys of more than 675,000 consumers and business leaders worldwide.There is no evidence that confidential client data, financial information, or confidential employee data was accessed or exposed as part of the incident.

“We recognize that hackers will attack attractive targets — in this case, our research IP. We also understand there is a tradeoff between making it easy for our clients to access our research and security measures,” said George F. Colony, chairman and chief executive officer.

“We feel that we have taken a common-sense approach to those two priorities; however, we will continuously look at that balance to respond to changing cybersecurity risk.”

Forrester joins the list of business organizations that suffered data breach after Equifax, Deloitte, and the US Securities and Exchange Commission (SEC).

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver...

Ghostwriter Malware Targets Government Organizations with Weaponized XLS File

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group...

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its...

Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications

Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed

Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey”...

US Employee Background Check Firm Hacked, 3 Million Records Exposed

DISA Global Solutions, a Houston-based provider of employee background checks and workplace safety services,...

Raymond IT Systems Hit by Cyber Attack, Authorities Investigating

Textile and apparel conglomerate Raymond Limited confirmed a cybersecurity breach affecting portions of its...