Software company says 60 customers, plus around 1,500 downstream businesses have been impacted by the attack.
Enterprise tech firm Kaseya has confirmed that around than 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware. It appears that the attackers carried out a supply chain ransomware attack by leveraging a vulnerability in Kaseya’s VSA software against multiple managed service providers (MSP) – and their customers. “To date, we are aware of fewer than 60 Kaseya customers, all of whom were using the VSA on-premises product, who were directly compromised by this attack. While many of these customers provide IT services to multiple other companies, we understand the total impact thus far has been to fewer than 1,500 downstream businesses. We have not found evidence that any of our SaaS customers were compromised,” Kaseya said in an update on the attack. SEE: Network security policy (TechRepublic Premium) The attackers exploited a previously unknown flaw in the vulnerability in Kaseya’s VSA software, which is used by MSPs and their customers.
