Danish cloud hosting services provider CloudNordic has announced that all its systems were rendered unusable following a ransomware attack.
The attack, the company explains in an incident notice on its website, started on Friday, August 18, and resulted in all its systems and servers being shut down.
“Websites, e-mail systems, customer systems, our customers’ websites, etc. Everything. A break-in that has paralyzed CloudNordic completely, and which also hits our customers hard,” reads the English translation of the announcement.
According to CloudNordic, the attackers took advantage of an ongoing transition to a new data center and likely leveraged an existing, dormant infection to encrypt all systems.
During the transition, previously separated servers were connected to the company’s internal network, providing the attackers with access to the central administration systems and the backup systems, including secondary ones.
“The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data,” the cloud hosting firm explains.
CloudNordic says it has no plans to pay a ransom, although its investigation into the attack showed that it cannot recover the lost data.
“Unfortunately, it has proved impossible to recreate more data, and the majority of our customers have thus lost all data with us. This applies to everyone we have not contacted at this time,” the company announced.
According to the company, the encryption was performed via the administration systems, and there is no evidence that the attackers had access to or exfiltrated any data from the compromised servers.
“Very large amounts of data were encrypted, and we have seen no signs that large amounts of data have been attempted to be copied out,” the company notes.
CloudNordic says it has started restoring new systems, including name servers, web servers, and mail servers, to help customers restore their services without moving their domains.
The company encourages customers to contact it via email to restore their domains, and to recover their email messages from the mail clients on their computers, if possible. CloudNordic also warns that the recovery process might take a very long time.
Related: Cybersecurity Companies Report Surge in Ransomware Attacks
Related: 1.5 Million Impacted by Ransomware Attack at Canadian Dental Service
Related: Dozens of Organizations Targeted by Akira Ransomware
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
