Communications and IT solutions provider Lumen Technologies this week revealed that it fell victim to two cyberattacks, including a ransomware attack that crippled some of its systems.
Headquartered in Monroe, Louisiana, Lumen offers an enterprise technology platform that combines networking, cloud, security, and collaboration services.
In a Form 8-K filing with the US Securities and Exchange Commission (SEC) this week, the company revealed that intruders deployed malware on its systems in two separate incidents.
The first of them was a ransomware attack in which “a limited number of the company’s servers that support a segmented hosting service” were infected.
Following the incident, a small number of Lumen’s enterprise customers are seeing degraded operations, the company says.
As part of the second incident, the company notes in the SEC filing, an intruder accessed Lumen’s “internal information technology systems”, conducted reconnaissance, deployed malware, and exfiltrated “a relatively limited amount of data”.
Lumen says it does not believe that these attacks would impact its operations or that they will adversely affect its financial results.
“The company continues to evaluate potential responses to the ransomware attack. In addition, the company is continuing to assess the potential impact of both events, including whether any personally identifiable or other sensitive information has been exfiltrated,” Lumen also notes.
The company has shared no details on the number of impacted customers, the type of ransomware used, and whether it engaged in communication with the attackers.
SecurityWeek has emailed Lumen for additional details and will update this article as soon as a reply arrives.
UPDATE: Lumen has provided the following statement to SecurityWeek:
“A small handful of our enterprise customers were recently affected by a security incident. Our priority is service restoration, but we’re also simultaneously investigating the cause. At this time, we have no evidence that points to direct customer application access. We thank our customers for their patience.
To be clear, we do not believe either of the cyber events are material. One of the many changes we’ve made at Lumen is a greater emphasis on trust and transparency. This is why we made a disclosure. We believe we’ve taken the necessary steps to insulate our customers and ourselves from the effect of this incident.“
Related: CISA Gets Proactive With New Pre-Ransomware Alerts
Related: US Government Warns Organizations of LockBit 3.0 Ransomware Attacks
Related: CISA Program Warns Critical Infrastructure Organizations Vulnerable to Ransomware Attacks