Software company says hundreds of customers hit in recent ransomware attack, experts think more
The software company that recently became the victim of the biggest ransomware attack on record says fewer than 1,500 businesses that use its product were compromised, but cyber experts suspect the number is higher as victims are still being identified.
The company, Miami-based Kaseya, said 800 to 1,500 of its 800,000 to 1 million customer have so far been identified as victims of Friday's hack.
Kaseya also said most of its customers are small businesses and that companies use its software to manage IT infrastructure, according to the Associated Press.
Cybersecurity experts said it's still too early for Kaseya to know the full impact, especially since the attack was launched by the Russia-linked REvil group on the eve of this past July Fourth weekend.
Experts think the number is higher in part because nearly 60 of the customers identified by Kaseya on Sunday are so-called managed service providers, MSPs, which have multiple customers of their own.
“Given the relationship between Kaseya and MSPs, it’s not clear how Kaseya would know the number of victims impacted. There is no way the numbers are as low as Kaseya is claiming though,” Jake Williams, chief technical officer of the cybersecurity firm BreachQuest, told the wire service.
The attack reportedly hit a broad array of businesses and public agencies – on all continents and including the public sector and the financial services and travel industries. However, few large companies were hit.
President Joe Biden said Saturday he has ordered the U.S. intelligence intelligence community to investigate the attack and that the U.S. would respond if the Kremlin is found to be involved.