Register for #HIPConf25!

One Account, $1.4 Billion: Inside the Merck NotPetya Breach with Lance Peterman, CIDPRO

 
May 29, 2025 (17:03)

The 2017 NotPetya cyberattack remains one of the most devastating and costly breaches in history, inflicting over $1.4 billion in damages on pharmaceutical giant Merck. What made this attack especially alarming was its simplicity: a single overprivileged service account became the key that unlocked chaos across Merck’s global network.

In episode 74 of the Hybrid Identity Protection Podcast, host Sean Deuby sits down with Lance Peterman, CIDPRO, who was on the front lines during the breach. Lance shares a rare, firsthand account of how the attack unfolded, the critical identity vulnerabilities that were exploited, and the long road to recovery.

See Other Podcasts
CISOs Are the Top of the Information Security Food Chain with Allan Alford
CISOs Are the Top of the Information Security Food Chain with Allan Alford

In this time of constant cyberattacks and increased cybersecurity reporting requirements, a CISO's job is no easy task and typically …

Where IAM Is Heading with Joe Kaplan
Where IAM Is Heading with Joe Kaplan

How is IAM—and the role of the identity security professional—adapting to meet the challenges of today's threat landscape? In this …

Microsoft DART: In the Trenches with Shiva P
Microsoft DART: In the Trenches with Shiva P

Microsoft describes its Detection and Response Team (DART) as the "cybersecurity team we hope you never meet." In this episode of the HIP Podcast, Sean speaks with Shiva P, a Senior Consultant with Microsoft DART. Together, they delve into the tactics used by threat actors and share best practices for minimizing risk. Drawing from his extensive experience in incident response at Microsoft, Shiva takes us through the cyber kill-chain, from initial access to ransomware extortion, providing essential tips and insights.

Recovering Entra ID Resources and Data with Tuna Gezer
Recovering Entra ID Resources and Data with Tuna Gezer

Sean talks with Tuna Gezer, Senior Product Manager for Semperis Disaster Recovery for Entra Tenant (DRET), about how Entra ID …

Lessons Learned from Large-Scale Cyberattacks with HIP Experts
Lessons Learned from Large-Scale Cyberattacks with HIP Experts

This week, the HIP Podcast revisits HIP Global 2023! Listen in as our hybrid identity protection experts present lessons learned …

Acing Active Directory Migration with Michael Masciulli
Acing Active Directory Migration with Michael Masciulli

Anyone who has dealt with the technological side of a merger or consolidation can tell you: Years of technical debt …

Outsmarting Cyber Threats in Education with BJ Welsh
Outsmarting Cyber Threats in Education with BJ Welsh

Cyberattacks against K-12 schools have soared, tripling between 2018 and 2021 and continuing to climb. With many school districts balancing …

The State of Security with Brian Desmond
The State of Security with Brian Desmond

What are in-the-trenches pros observing when it comes to Active Directory and identity security in 2023? Ravenswood Technology Group Principal …

Optimizing Cyber Insurance with Jason Rebholz
Optimizing Cyber Insurance with Jason Rebholz

“[Attackers] don’t hack in, they log in.” In this episode of the HIP Podcast, Sean talks with Jason Rebholz, Corvus …

Tracking Cybercrime with Andy Greenberg
Tracking Cybercrime with Andy Greenberg

This episode of the HIP Podcast revisits 2022’s HIP NYC conference, where Sean sits down with Andy Greenberg, award-winning author …

Learn More