TTEC Hit with Ransomware

Written by Edward Gately
September 17, 2021

TTEC, a customer experience technology and services provider, has been hit by ransomware, according to Krebs on Security. An internal TTEC memo shared with Krebs discussed a “widespread outage” that began last Sunday.

TTEC has more than 60,000 employees, most of whom work from home providing support calls for companies such as Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon.

When contacted, TTEC sent us a statement about the attack:

“We recently became aware of a cybersecurity incident that has affected certain TTEC systems. Although as a result of the incident, some of our data was encrypted and business activities at several facilities have been temporarily disrupted, the company continues to serve its global clients. TTEC immediately activated its information security incident response business continuity protocols, isolated the systems involved, and took other appropriate measures to contain the incident. We are now in the process of carefully and deliberately restoring the systems that have been involved.”

TTEC also launched an investigation to determine the potential impacts.

“In serving our clients, TTEC generally does not maintain our clients’ data, and the investigation to date has not identified compromise to clients’ data,” it said. “That investigation is ongoing and we will take additional action, as appropriate, based on the investigation’s results. This is all the information we have to share until our investigation is complete.”

Ron Bradley is vice president of Shared Assessments. He said this situation, as with many others, underscores the importance of supplier due diligence and continuous monitoring.

“This is especially true with the expansion of the work-from-anywhere model many companies are adopting due to the global health crisis,” he said. “Companies need to make every effort to reduce their blast radius to prevent such widespread and impactful attacks.”

Training and awareness are key to help prevent these types of attacks, Bradley said. Unfortunately, in most cases the human element is the most vulnerable element.

Saryu Nayyar is CEO of Gurucul. She said ransomware has become the favorite flavor of the year, with just about every reported attack requiring a payment to get the organization back on track.

“Known ransoms are likely to total in the tens of millions of dollars this year, with no end in sight,” she said. “To combat ransomware, organizations have to be vigilant in patching systems, reaching out to vendors and open-source projects to stay informed on security issues, using traditional endpoint security detection systems, and monitoring the activity on their networks and applications for things that don’t follow the usual patterns. These require multiple security tools, along with a way of tying all of the data together to produce a complete and clear picture of security risks and remediation.”

Tags:

Edward Gately

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.