ownCloud urges MFA adoption following credential theft attacks
Summary
Hide ▲
Show ▼
ownCloud has advised users to enable multi-factor authentication (MFA) after credential theft attacks targeted self-hosted file-sharing platforms. The attacks, involving infostealer malware like RedLine, Lumma, and Vidar, compromised credentials and accessed accounts without MFA. ownCloud confirmed no platform vulnerabilities were exploited, emphasizing the need for MFA to prevent unauthorized access. The incidents affected multiple organizations, including high-profile entities, with threat actors selling stolen corporate data. Hudson Rock reported thousands of infected computers, highlighting the widespread impact.
Timeline
-
07.01.2026 16:34 1 articles · 23h ago
ownCloud advises MFA adoption after credential theft attacks
ownCloud has urged users to enable multi-factor authentication (MFA) following credential theft attacks. Infostealer malware obtained credentials, which were used to access accounts without MFA. Hudson Rock reported thousands of infected computers, including those on networks of high-profile organizations. ownCloud confirmed no platform vulnerabilities were involved.
Show sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34
Information Snippets
-
ownCloud has over 200 million users, including enterprise and public-sector organizations.
First reported: 07.01.2026 16:341 source, 1 articleShow sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34
-
Infostealer malware (RedLine, Lumma, Vidar) obtained user credentials from infected employee devices.
First reported: 07.01.2026 16:341 source, 1 articleShow sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34
-
Compromised credentials were used to access ownCloud accounts without MFA enabled.
First reported: 07.01.2026 16:341 source, 1 articleShow sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34
-
ownCloud confirmed no zero-day exploits or platform vulnerabilities were involved.
First reported: 07.01.2026 16:341 source, 1 articleShow sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34
-
Hudson Rock identified thousands of infected computers, including those on networks of Deloitte, KPMG, Samsung, Honeywell, Walmart, and the U.S. CDC.
First reported: 07.01.2026 16:341 source, 1 articleShow sources
- ownCloud urges users to enable MFA after credential theft reports — www.bleepingcomputer.com — 07.01.2026 16:34