Ransomware Attack Targets Equinix Data Center Provider

Continuing the trail of ransomware attack victims, now joins the data center giant Equinix. The service faced the cyber attack recently which affected its internal systems.

Equinix Ransomware Attack

Reportedly, the American data center giant firm Equinix has fallen prey to a ransomware attack. The incident surfaced online after the company disclosed the breach in a security update.

As revealed, the firm recently noticed the presence of ransomware on its internal systems.

Following this discovery, they quickly took steps to contain the attack. Besides, they also started investigating the matter.

It turns out that the ransomware remained confined to some systems only, and did not affect its core operations. As stated in their post,

Our data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers.

Also, this incident does not affect its customers in any way.

Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix.

What Next?

Upon noticing the incident, Equinix informed the relevant law enforcement authorities about the matter as they proceeded with the investigations.

While this goes on, they haven’t shared any other details about how and when exactly did the attack occur. Nor did they explicitly mention the systems affected during the ransomware attack, and whether or not they have paid to the hackers.

However, Bleeping Computer has revealed that the firm also fell prey to Netwalker ransomware. The attackers have demanded $4.5 million as ransom in BTC, which would double in case of failure of payment within a week.

Whereas, for the compromised data, Bleeping Computer mentions,

…contain numerous folders whose names indicate they include financial information, payroll, accounting, audits, and data center reports.
Folder names in the screenshot reference data centers and engineers who work in Australia, indicating that their Australian offices were likely compromised.
The latest timestamp on the folders is 9/7/20, which corroborates the claims that the attack occurred over the weekend.

Equinix hasn’t confirmed anything about these details. Yet, they have assured to update the blog as they continue with the investigations.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients