Chinese-linked threat actors maintain decade-long authentication compromise
A sophisticated persistent threat group compromised an organization’s authentication infrastructure and retained access for approximately ten years, gaining extensive visibility into administrative operations. The attackers achieved deep control over credential and access management systems, allowing undetected monitoring of high-privilege activity throughout the extended compromise period.
Why it matters in Western Canada: Authentication infrastructure is fundamental to Western Canadian organizations in government, healthcare, energy, and finance. A prolonged compromise of this nature demonstrates the risk of advanced persistent threats targeting critical identity systems that protect sensitive data and operational continuity.
Summary generated from the original advisory. Read the full source: bleepingcomputer
- Source: https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/
- CVEs: None listed
- Tags: authentication, persistence, apt, credential-compromise, infrastructure
- Provenance: mask2-ti-pipeline (AI-assisted, human-reviewable)