Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Information Services Giant Wolters Kluwer Hit by Malware Attack

Global information services giant Wolters Kluwer has taken many of its applications and platforms offline after discovering malware on its systems.

The Netherlands-based company started seeing what it described as “technical anomalies” on May 6. This triggered an investigation that led to the discovery of malware.

Global information services giant Wolters Kluwer has taken many of its applications and platforms offline after discovering malware on its systems.

The Netherlands-based company started seeing what it described as “technical anomalies” on May 6. This triggered an investigation that led to the discovery of malware.

“With this action, we aimed to quickly limit the impact this malware could have had, giving us the opportunity to investigate the issue with assistance from third-party forensics consultants and work on a solution. Unfortunately, this impacted our communication channels and limited our ability to share updates,” Wolters Kluwer stated on Wednesday.

The company said it found no evidence that customer data had been accessed or stolen, and there was no indication that its solutions had been leveraged to infect customers with malware.

Wolters Kluwer is a provider of professional information, software, and services for the healthcare, legal, financial and regulatory sectors. The company has customers in nearly every country around the world and last year it reported annual revenues of €4.3 billion ($4.8 billion).

One of the most impacted units of Wolters Kluwer appears to be CCH, which provides software and information services for accounting, tax, and audit workers. Many users have complained on social media about not being able to access CCH websites and cloud-stored tax data.

Security blogger Brian Krebs said he informed CCH on May 3 that directories containing new versions of its software had been configured to allow anyone to write files to them. Krebs said he had spotted “a few odd PHP and text files” in those folders.

Wolters Kluwer has not shared any information about the malware it detected on its systems. However, according to some reports, the incident involved MegaCortex, a piece of ransomware that has been increasingly used to target enterprises.

Advertisement. Scroll to continue reading.

Sophos reported recently that a spike in MegaCortex attacks has been observed since May 1. The attacks targeted organizations around the world, including in Italy, the U.S., Canada, the Netherlands, Ireland and France.

Wolters Kluwer has started restoring its online services, but some of them continue to be offline.

Related: Aluminum Giant Norsk Hydro Hit by Ransomware

Related: Shipping Giant COSCO Hit by Ransomware

Related: UK Police Federation Hit by Ransomware

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.