Cybersecurity company Dragos recently experienced a security incident where a known gang breached defences and attempted to encrypt devices. Although the threat actors failed to breach Dragos' network or cybersecurity platform, they did gain access to the company's SharePoint cloud service and contract management system. The breach occurred after the personal email address of a new sales employee was compromised before their start date, downloading data and intelligence reports typically reserved for customers. Dragos responded by disabling the compromised account, asserting that their layered security controls successfully prevented the threat actors from executing their objective of launching ransomware. The attackers were also unable to move laterally, escalate privileges, establish persistent access, or make any changes to Dragos' infrastructure.