Cyber Incident Victim: Forrester Research
Date:
Oct 2017
Location:
United States of America
Summary
Forrester Research experienced a security breach where attackers compromised its website infrastructure, stealing valid user credentials to access and exfiltrate proprietary research reports intended for clients. While the company confirmed no exposure of confidential client data, financial information, or employee records, the stolen intellectual property—containing market analysis and client product insights—posed significant economic espionage risks due to its potential value to competitors or illicit markets. The firm acknowledged the inherent tension between client accessibility and security measures, emphasizing ongoing evaluations of cybersecurity practices to address evolving threats. This incident occurred amid a series of breaches affecting major financial and advisory entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Forrester Research disclosed a security breach on October 7, 2017, following unauthorized access to its website infrastructure (Forrester.com) during the preceding week. Attackers compromised valid user credentials, enabling them to log into client accounts and steal proprietary research reports hosted on the platform. The company confirmed the intrusion targeted research intellectual property but found no evidence of unauthorized access to confidential client data, financial information, or employee records. Steven Peltzman, Forrester's Chief Business Technology Officer, stated the stolen material consisted exclusively of market analysis reports available under client contracts. These reports contained strategic insights used by corporate clients to inform product development and business initiatives. The breach occurred despite standard security measures, with attackers exploiting legitimate credentials to bypass access controls.
The stolen research data held significant commercial value due to its potential use in economic espionage, enabling competitors or malicious actors to identify emerging technologies or corporate product launches. Forrester CEO George F. Colony acknowledged the inherent tension between client accessibility and security protocols, confirming the company would reassess this balance amid evolving cyber threats. While no direct financial or personal data compromise occurred, the incident positioned Forrester alongside other major financial sector breaches disclosed that month, including Equifax, the SEC, and Deloitte. The company initiated standard incident response procedures but did not disclose technical remediation details or attacker attribution. Impact assessments focused on proprietary content loss rather than regulatory or privacy violations, given the absence of compromised sensitive customer information.