One of the biggest data center providers in the US, CyrusOne announced on Thursday that it has suffered a ransomware attack.
In a statement, CyrusOne revealed that six of its managed service customers, located primarily in New York, have been impacted – thus experiencing availability issues as a result of the ransomware encrypting devices in the network.
CyrusOne’s data center colocation services, including IP Network Services and IX, are not involved in the incident.
“Upon discovery of the incident, CyrusOne initiated its response and continuity protocols to determine what occurred, restore systems and notify the appropriate legal authorities,” said CyrusOne.
The company is working with external experts to address the matter and an investigation is underway.
According to details sent to ZDNet, the attack took place on December 4, and was due to the REvil (Sodinokibi) ransomware.
One of the six customers impacted is FIA Tech, a financial and brokerage firm. FIA Tech told its customers that “the attack was focused on disrupting operations in an attempt to obtain a ransom from our data center provider.”
A source has told ZDNet that CyrusOne does not intend to pay the ransom demand.
The post #Privacy: US data center provider struck by ransomware attack appeared first on PrivSec Report.