CyrusOne, one of the biggest data center providers in the US, suffered a ransomware attack yesterday. CyrusOne is currently working with law enforcement and forensic firms to investigate, as well as working with customers to restore data lost. The ransomware attack was caused by a version of the REvil ransomware, within the same family that hit service providers in June, 20 Texas local governments in August and over 400 dentist offices within the US in late August. It is clear that this was a targeted attack against the company network, and CyrusOne has not publicly disclosed the attack.
FIA Tech informed customers that their respective cloud services were down due to an issue that originated at their data center provider, which was confirmed to be CyrusOne by researchers. A source indicated that the ransomware has not impacted all of the company’s data centers, but restoration will be a lengthy process. CyrusOne, which owns 45 data centers in Europe, Asia, and the Americas and boasts more than 1,000 customers, does not plan to pay the ransom demand.
Read More: Ransomware attack hits major US data center provider