Connect with us

Hi, what are you looking for?



Lumen Technologies Hit by Two Cyberattacks

Communications and IT company Lumen Technologies fell victim to two cyberattacks that led to data theft.

Communications and IT solutions provider Lumen Technologies this week revealed that it fell victim to two cyberattacks, including a ransomware attack that crippled some of its systems.

Headquartered in Monroe, Louisiana, Lumen offers an enterprise technology platform that combines networking, cloud, security, and collaboration services.

In a Form 8-K filing with the US Securities and Exchange Commission (SEC) this week, the company revealed that intruders deployed malware on its systems in two separate incidents.

The first of them was a ransomware attack in which “a limited number of the company’s servers that support a segmented hosting service” were infected.

Following the incident, a small number of Lumen’s enterprise customers are seeing degraded operations, the company says.

As part of the second incident, the company notes in the SEC filing, an intruder accessed Lumen’s “internal information technology systems”, conducted reconnaissance, deployed malware, and exfiltrated “a relatively limited amount of data”.

Lumen says it does not believe that these attacks would impact its operations or that they will adversely affect its financial results.

Advertisement. Scroll to continue reading.

“The company continues to evaluate potential responses to the ransomware attack. In addition, the company is continuing to assess the potential impact of both events, including whether any personally identifiable or other sensitive information has been exfiltrated,” Lumen also notes.

The company has shared no details on the number of impacted customers, the type of ransomware used, and whether it engaged in communication with the attackers.

SecurityWeek has emailed Lumen for additional details and will update this article as soon as a reply arrives.

UPDATE: Lumen has provided the following statement to SecurityWeek:

A small handful of our enterprise customers were recently affected by a security incident. Our priority is service restoration, but we’re also simultaneously investigating the cause. At this time, we have no evidence that points to direct customer application access. We thank our customers for their patience.

To be clear, we do not believe either of the cyber events are material. One of the many changes we’ve made at Lumen is a greater emphasis on trust and transparency. This is why we made a disclosure. We believe we’ve taken the necessary steps to insulate our customers and ourselves from the effect of this incident.

Related: CISA Gets Proactive With New Pre-Ransomware Alerts

Related: US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

Related: CISA Program Warns Critical Infrastructure Organizations Vulnerable to Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group.