One of the largest IT companies in Ukraine, SoftServe (number 2 in the latest DOU.UA rating), was attacked by a ransomware. A number of the company’s services stopped working, according to the AIN.UA publication.
The cybercriminals launched a ransomware virus into the system. As a result, a number of SoftServe services stopped working, and the company turned off some more in order to stop the spread of the virus. Some channels spread a message, apparently from the company’s management (it was originally sent out in English):
“Today at 1 am SoftServe suffered from cyberattack. The hackers gained access to the company’s infrastructure and were able to infect it with encryption software and other malware. We disabled some services to stop the attack; unfortunately, your work will be affected by our efforts to stop the attack in the coming hours. We also blocked the paths to our customers’ networks to prevent malware from spreading into their infrastructure”, – says the message.
SoftServe confirmed that the company indeed suffered to a cyber attack, due to which the operation of some services was affected.
“Yes, there was an attack today. The most significant consequences of the attack are the temporary loss of functionality of part of the mail system and the halt of some of the auxiliary test environments. As far as we can estimate, this is the greatest impact of the attack, and other systems or client data were not affected”, — said Adriyan Pavlikevich, senior vice president on IT in SoftServe.
To prevent the spread of the attack, company employees isolated some segments of our network and restricted communication with customer networks.
Additionally, SoftServe reported that they are preparing a message to clients with explanations of the situation. Simultaneously with the resumption of the services, the incident itself is being investigated.
The representative of SoftServe also said that they plan to restore the mail system in full in the near future.
At the same time, today in the network leaked repositories of the source code of developments for a number of companies, which are probably SoftServe clients. We can talk about IBM, Toyota, Panasonic, Cisco and others. In some repositories, was found a line, indicating that the data belongs to SoftServe.
Administrators of the @ВС8044_Info telegram channel claim that sources in SoftServe have confirmed the authenticity of the repositories, as well as that they were stolen during a recent hacker attack.
The company has not officially confirmed or denied the authenticity of the published developments.
Let me remind you that I reported about Fancy Bear attack on Ukrainian oil and gas company Burisma.