CyrusOne, one of the major US data center provider, hit by ransomware attack

Pierluigi Paganini December 05, 2019

Ransomware attacks continue to threaten organizations worldwide, CyrusOne, one of the biggest data center providers in the US, is facing with an infection.

A new ransomware attack made the headlines, systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware.

The company reported the incident to law enforcement, it hired forensics firms to investigate the attack. At the time the company has not yet disclosed the ransomware attack.

CyrusOne is currently working with law enforcement and forensics firms to investigate the attack and is also helping customers restore lost data from backups.” reads a post published by ZDNet that first reported the news. “According to a copy of the ransom note obtained by ZDNet, this was a targeted attack against the company’s network.”

CyrusOne owns 45 data centers in Europe, Asia, and the Americas, and has more than 1,000 customers, but the infection impacted only some of them.

The company doesn’t want to pay the ransom to restore the attack.

It seems that the infection took place on December 4, 2019, when a variant of the REvil (Sodinokibi) ransomware infected the systems at the company.

In May, threat actors were observed exploiting recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. In June, the ransomware hit several managed service providers, while in August the same malware infected the company behind DDS Safe solution used by hundreds of dental offices and at least 23 Texas local governments as the result of a coordinated effort.

The attack appears to be targeted in nature, but at the time of writing details of the intrusion and the extent of the attack were not disclosed.

Source ZDnet

Some customers of CyrusOne, like FIA Tech, has informed customers that the outage of their respective cloud services was caused by a problem suffered by the operator of their data center provider.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – CyrusOne, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment