Ransomware Wipes Out Data Access for 'Majority' of Cloud Provider's Customers
A cloud hosting firm in Denmark has lost a “majority” of its customer data after a ransomware attack infected the company’s systems.
“Unfortunately, it has proved impossible to recreate more data, and the majority of our customers have thus lost all data with us,” CloudNordic wrote in a translated post.
CloudNordic supplies servers to host email, websites, and other IT services for its customers. But the attack is so devastating CloudNordic must start from scratch in rebuilding the company’s IT systems. “In addition to data, we also lost all our systems and servers and have had difficulty communicating,” the company says.
“We have now re-established blank systems, e.g. name servers (without data), web servers (without data) and mail servers (without data),” CloudNordic adds. A sister company called Azero Cloud suffered the same attack, and has posted an identical notice to the public.
The incident occurred on Friday, Aug. 18, when the company was physically moving some servers from one data center to another. CloudNordic suspects that some of the servers it was moving contained a dormant malware infection. The infected servers were then hooked up to company networks that had access to all of CloudNordic’s server infrastructure, giving the hackers access to both a central admin system and backup systems.
“The attackers succeeded in encrypting all servers' disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data,” the company adds.
But while the hackers have locked down access to that data, they do not appear to have removed it from the company’s servers, CloudNordic says. The unidentified ransomware group behind the attack reportedly wants 6 bitcoins
Read more on pcmag.com
