Category: CloudNordic

Recently, there has been notable attention drawn to the announcement issued by CloudNordic, an Enterprise Hosting Provider. The statement acknowledges a distressing incident in which a ransomware group successfully compromised their systems, resulting in the complete loss of all customer data. Shockingly, this attack extended to the backup database as well, leaving the Danish service provider in a state of helplessness.

The gravity of the situation becomes evident as not only the primary data but also the secondary backups have been rendered irretrievable due to the attack. This raises significant questions about how affected customers can navigate their recovery process and whether they are entitled to any form of financial reparation.

Navigating the path to recovery is currently complex, largely contingent upon the contractual arrangements established between CloudNordic and its clients prior to project initiation. It is important to recognize that Cloud Service Providers (CSPs) commonly implement comprehensive data protection strategies. This often involves maintaining redundant copies of data both onsite and offsite. In certain cases, adherence to compliance regulations and best practices leads CSPs to uphold three distinct backup copies across diverse geographic locations.

Considering this, it is conceivable that CloudNordic might still be able to salvage data through its business continuity plans or its most recent archive. However, in instances where the predicament becomes exceptionally intricate, data recovery might prove unattainable. In such cases, legal provisions and obligations outlined in the pre-existing agreements would come into play, necessitating the company to provide compensatory measures to affected customers.

This situation presents a substantial setback, particularly for enterprises that have entrusted their critical data to the custody of Cloud Service Providers. The repercussions are especially dire for those whose operational continuity hinges on this data. Consequently, it is prudent for all stakeholders involved – both the CSP and the customers who have relied upon their services – to engage in a legal discourse. Collaboratively forging a resolution that addresses the concerns of both parties becomes imperative during these trying times.

The post What will a service provider do when ransomware attack wipes off all its data appeared first on Cybersecurity Insiders.

CloudNordic, a Denmark-based cloud service provider, has issued a public statement confirming the unfortunate incident of a ransomware attack that led to the complete deletion of customer data from its servers. Despite their efforts, the company found itself unable to prevent the removal of the stored information, which had initially been encrypted on August 18, 2023.

The company is diligently working on the process of restoring the lost data using backup solutions. However, the prospects of successful data recovery appear to be extremely slim, as the ransomware attack had also infiltrated the primary and secondary backup servers. Coinciding with this attack, another Danish firm named AzeroCloud fell victim to the same ransomware group. Yet, specific details regarding the extent of damage inflicted upon AzeroCloud remain undisclosed at this time.

In a separate incident, the University of Minnesota disclosed that unauthorized access to its servers took place on July 21, 2023. Disturbingly, reports indicate that the hackers behind this breach managed to acquire sensitive data associated with over 7 million social security numbers, data that had been amassed since the 1980s.

In a distinct development, a recently identified ransomware faction named Akira has embarked on a new campaign that involves the encryption of targets utilizing Cisco VPN products. Having gained notoriety for their involvement in the encryption of VMware ESXi virtual machines back in March 2023, the Akira Ransomware group has escalated their activities to now encompass Cisco VPNs. The modus operandi entails the deployment of backdoor mechanisms into various corporate networks. The full extent of the impact remains under ongoing investigation and is expected to be unveiled shortly.

Furthermore, Singing River Health System has fallen prey to a ransomware attack. Although an official confirmation is still pending, the healthcare service provider has reported suspicious external access to its computer network, potentially indicating an intrusion by a ransomware-type malware. The incident is currently being probed by the hospital’s IT personnel, who have assured the public that more comprehensive details will be disclosed in the upcoming week.

Amid these cyber threats, St. Helens Council, one of England’s oldest counties, has been thrust into the spotlight due to a suspected ransomware attack. Preliminary assessments indicate that the attack had a limited impact on certain internal systems of the council, with the website services continuing to operate normally.

In response to the evolving threat landscape, the council has taken proactive measures by establishing a dedicated sub-domain on its website. This sub-domain serves as a valuable resource to educate individuals about the dangers of falling victim to phishing attacks. For more information, interested individuals can visit www dot sthelens dot gov dot uk/watchoutforscams.

The post Headlines about ransomware making waves on Google’s trending news appeared first on Cybersecurity Insiders.