Tietoevry (24k employees, MSP) are dealing with an Akira ransomware incident on their Swedish services https://www.tietoevry.com/en/newsroom/all-news-and-releases/other-news/2024/01/update-on-ransomware-attack-in-sweden-restoration-work-progressing-at-tietoevry/
They were previously hit by ransomware in 2021 with some of their Norwegian customers https://www.tietoevry.com/en/newsroom/all-news-and-releases/other-news/2021/02/information-about-ransomware-attack-in-norway/
Almost two weeks after being hit with ransomware in their Swedish datacenter, Tietoevry are still recovering customer services. https://www.tietoevry.com/en/newsroom/all-news-and-releases/press-releases/2024/01/tietoevry-solid-progress-with-restoration-of-customer-systems-after-the-ransomware-attack/
Tietoevry are still trying to recover from ransomware over a month in. Some customers who paid for managed backups have no backups, apparently.
I’m quite confused by their statement that they don’t know the initial access point - they run Cisco AnyConnect VPN in that data centre and probably want to check their access logs.
https://mastodon.acc.sunet.se/@maswan/111931139599220350
A reminder that, when it comes down to it, your cloud provider would rather throw you to the wolves than admit mistakes. https://www.dn.se/sverige/20-ar-av-data-borta-hackarna-kom-at-sakerhetskopior/
@GossiTheDog Well, from the second article, maybe they stored the access logs in the same "sufficiently secure" storage system as their customer backups?
This would be a good news tip to @LinusLarsson though, I'm sure he could do a third article contrasting your expertise from just observing what vulnerable software they have run from the outside with TietoEvry's inability to figure anything out.
@GossiTheDog Seems cloud is subject to the same economic issues as every other corporation with a low-risk, high-cost-to-mitigate problem. It's easier to ignore the problem and figure on walking away from the burning building protected by limited liability.
I find it interesting that they went even further, and were stating that "we have no evidence that we ever had a security vulnerability", even when the interviewer went as far as "so how did they get in then, magic?" they just got brushed off with that.
@GossiTheDog Is there an English version of this article available anywhere? I can't seem to find one in Google (but it is also nearly midnight so there's that)
Also, if this is not the best use case example for why EVERYONE should be using the 3-2-1 data backup policy, then I don't know what is. While they are going to deserve every fine they're about to be slapped with... that doesn't bring that data back.
@GossiTheDog the CEO made a statement that they are secure enough and there’s nothing they could have done to prevent the attack. If customers want better security they’ll just have to pay more.
It is so nonchalant. It wouldn’t hurt to be a bit humble when your mistakes bring so many clients to their knees.