Cloud hosting providers CloudNordic and Azero Cloud, owned by Certiqa Holding, have fallen victim to a cyber attack that resulted in a complete loss of customer data. On April 18, 2023, at approximately 4 AM, the two companies were targeted by a ransomware attack, which led to the shutdown of all systems, including customer systems, email systems, and customer websites.

Despite the attack, both CloudNordic and Azero Cloud refused to pay the ransom demanded by the threat actors. Instead, they are working with external experts to gather more information about the attack and potentially recover their systems. Unfortunately, they have been unable to recover or recreate any customer data, resulting in a devastating loss for their customers.

As of now, CloudNordic and Azero Cloud have re-established communications but have suffered significant damage from the cyber attack. They have deployed blank systems, including name servers, web servers, and mail servers, but none of these systems contain any previous data.

To restore functionality, the companies have managed to restore the DNS administration interface, allowing users to access email and the web again. However, the loss of customer data remains irreparable.

According to a report submitted to Cyber Security News, the attack occurred during a migration between data centers. Prior to the migration, some systems were infected with malware, unbeknownst to the companies. Additionally, some servers used to manage all the servers were still connected to the previous network, which the threat actors exploited to gain access to the administration systems. From there, they targeted the primary and secondary backup systems, encrypting all accessible systems, including virtual machines. While a significant amount of data was encrypted, there is no evidence to suggest that the data was copied or breached.

CloudNordic and Azero Cloud have expressed regret for the inconvenience caused to their customers and stated that there is no evidence of a data breach beyond the encrypted data. This incident highlights the importance of implementing robust security measures and closely monitoring network traffic to prevent cyber attacks.

In light of the increasing frequency and sophistication of cyber attacks, organizations are urged to adopt multiple security measures to protect their critical data. One recommended solution is DoControl, a unified, automated, risk-aware SaaS Security Platform (SSP) that secures business-critical applications and data. Users can try a free demo of DoControl to enhance their cybersecurity defenses.

The attack on CloudNordic and Azero Cloud serves as a stark reminder of the importance of cybersecurity and the need for organizations to prioritize the protection of customer data. As cybercriminals continue to exploit vulnerabilities, businesses must remain vigilant and proactive in their defense against cyber threats.

Source link