Cloud hosting company customers lose all their data following ransomware attack

CloudNordic suffers devastating ransomware attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A ransomware attack against two sistercloud hostingcompanies resulted in a total loss of all the data they were holding for their customers.

CloudNordic, and Azero, both owned by the Danish firm Certiqa Holding, posted an announcement on their websites stating that they had fallen victim to aransomwareattack in the early morning of Friday 18, 2023.

The attack resulted in the shutdown of all of their systems, including the websites, email servers, as well as encrypted customer data.

No data exfil, too

“The attackers managed to encrypt all servers' disks, as well as on primary and secondary backup systems, whereby all machines crashed and we lost access to all data,” CloudNordic said on its website (machine translated).

To add insult to injury, the attackers didn’t even do what they usually do - steal the data before encrypting it. CloudNordic says there’s no evidence of the data being exfiltrated beforehand, meaning that it’s very much lost for good. The identity of the threat actor is unknown, and so is the demanded sum. Whatever the sum is, the victim decided not to pay, partly because they apparently didn’t have the money.

So far, no ransomware operators assumed responsibility for the attack.

These are the best malware removal tools right now>LockBit ransomware has cost victims millions in the US alone>Millions of Duolingo users have scraped personal data sold online

CloudNordic is not yet entirely certain how the attackers compromised its systems, but speculates that it has to do with the migration of its servers from one data center to another. During that migration, a previously compromised endpoint was connected to a separate network that had access to its internal endpoints, ending in disaster.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“Through the internal network, attackers gained access to central administration systems and backup systems,” the company concluded.

At press time, both companies were unresponsive to media inquiries. On its website, CloudNordic said that communication has been made difficult.

Via:TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind