Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware.
Epiq said on Monday that it detected the malware on its systems on February 29. The company said it had found no evidence that any data was exfiltrated or misused.
“As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation,” Epiq said in a statement.
“Our technical team is working closely with world class third-party experts to address this matter, and bring our systems back online in a secure manner, as quickly as possible,” it added. “Federal law enforcement authorities have also been informed and are involved in the investigation.”
It’s unclear which ransomware was involved in the attack and how many of Epiq’s systems were impacted. SecurityWeek has reached out to the company for additional information and we will update this article if we receive a response.
TechCrunch learned from an Epiq employee that the ransomware affected the company’s entire fleet of computers across its 80 global offices. Employees were reportedly told not to go to their local offices without managerial approval and to avoid connecting any devices to the network.
The company’s website, which is currently offline, includes a data security section where the company claims it has a full-time information security team and highly secure, geographically dispersed data centers to reduce the risk of data exposure. However, TechCrunch’s source said many of the firm’s computers were running old versions of Windows and that nothing was up to date.
Ransomware attacks can cause serious problems for major organizations, and several big companies reported being hit over the past year, including Norwegian metals and energy giant Norsk Hydro, Australian shipping giant Toll, Aircraft parts maker ASCO, Mexican oil company Pemex, and testing services provider Eurofins Scientific.
The DHS revealed recently that a piece of ransomware disrupted operations at some natural gas facilities, and an electric utility in Massachusetts informed customers last month that a ransomware infection had disrupted business operations.
Related: New Technique Allows Ransomware to Operate Undetected
Related: Railroad Construction Firm RailWorks Falls Victim to Ransomware
Related: Legislation Would Stiffen Penalties for Ransomware Attacks
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
Latest News
- Chrome 114 Released With 18 Security Fixes
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Breaking Enterprise Silos and Improving Protection
- Spyware Found in Google Play Apps With Over 420 Million Downloads
- Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- PyPI Enforcing 2FA for All Project Maintainers to Boost Security
- Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack
