BeyondTrust reports cyberattack on remote support products but rules out ransomware

BeyondTrust reported a cyberattack on its Remote Support products in early December 2024. The company confirmed that hackers accessed an API key, allowing them to reset local app account passwords. This was not a ransomware attack. BeyondTrust identified and patched two vulnerabilities during its investigation. One critical flaw, with a severity score of 9.8, affects its Remote Support and Privileged Remote Access products. The second flaw has a medium severity score of 6.6. The company revoked the compromised API key and notified affected customers. It also suspended the impacted instances and provided alternative solutions. BeyondTrust has not confirmed if any customers were directly affected by the attack.