Kaseya’s July 4th Nightmare, FBI Withholds Decryption Key
Just before the July 4th weekend, Kaseya was hit with a ransomware attack by the REvil ransomware gang.
The Kaseya VSA supply chain ransomware attack breached about 50 customers and penetrated or directly impacted up to 1,500 downstream businesses. About 70%, or 35, of the customers impacted by the attack were MSPs.
Within an hour, the company shut down access to the software in question.
Fred Voccola, Kaseya’s CEO, called the attack “incredibly sophisticated.”
The company scrambled to help its customers recover. Spammers then targeted victims with phishing schemes and other malicious tactics.
Kaseya said it didn’t pay a ransom, adding it doesn’t negotiate with criminals.
The news then broke that the FBI withheld the Kaseya ransomware decryption key for nearly three weeks, leaving victims struggling to recover and stay afloat. The FBI did so to disrupt REvil, but the operation failed.