Former employees alleged that Kaseya failed to respond to security vulnerabilities for years before REvil’s latest ransomware campaign.
(Photo Illustration: SOPA Images / Getty Images) Kaseya executives were informed of security vulnerabilities affecting the company’s IT management solutions long before they were exploited by the REvil hacker group, Bloomberg reported, with several former employees saying they warned the company’s leadership about numerous flaws between 2017 and 2020. REvil used Kaseya’s VSA remote management service to compromise « fewer than 40 » of the company’s customers as part of a ransomware campaign. But those customers weren’t REvil’s only target: A security firm called Huntress Labs said on July 3 that it believed at least 200 other companies were affected, and on July 8 the firm said « Kaseya VSA was used to encrypt well over 1,000 businesses.
