Ivanti Pulse Connect Secure data breach

On April 20, 2021, it was reported that suspected Chinese-state backed hacker groups had breached multiple government agencies, defense companies and financial institutions in both the US and Europe after the hackers created and used a Zero-day exploit for Ivanti Pulse Connect Secure VPN devices. A Cybersecurity and Infrastructure Security Agency alert reported that the attacks using the exploited started in June 2020 or earlier. The attacks were believed to be the third major data breach against the U.S. in the previous year behind the 2020 United States federal government data breach and the 2021 Microsoft Exchange Server data breach.

Impact
A Cybersecurity and Infrastructure Security Agency alert reported that the attacks affected "U.S. government agencies, critical infrastructure entities, and other private sector organizations." A spokesperson for Ivanti said that only a "limited number" of customers had been compromised. Mandiant's chief financial officer Charles Carmakal said that while the hack had only a small indication of having a large number of victims. He said the breach was significant because it had allowed unauthorized access to federal and corporate systems for months.

Responses
A spokesperson for Ivanti said that while mitigations are in place a patch to fix the vulnerabilities was not expected until May. With the patch finally being released on May 3, 2021. The CISA issued an emergency directive requiring that federal agencies install product updates. China has denied being behind the attack and accused the U.S. of being the "biggest empire of hacking and tapping."