Lumen Technologies, a provider of IT and communication solutions, has disclosed that it was the target of two cyberattacks, one of which involved a ransomware attack that caused significant damage to several of its systems.
Headquartered in Monroe, Louisiana, Lumen offers enterprise technology services, including networking, cloud, security, and collaboration solutions. The company revealed that malware had been deployed on its systems by attackers in two separate incidents in a Form 8-K filing with the US Securities and Exchange Commission (SEC).
Lumen confirmed in a recent Securities and Exchange Commission (SEC) report that a ransomware attack carried out by a malicious actor damaged a small number of servers providing segmented hosting services.
As a result of the incident, a limited number of Lumen’s enterprise customers are experiencing slowed services. The company has also said that:
A small handful of our enterprise customers were recently affected by a security incident. Our priority is service restoration, but we’re also simultaneously investigating the cause. At this time, we have no evidence that points to direct customer application access. We thank our customers for their patience.
According to the company’s SEC filing, during the second incident, attackers targeted Lumen’s internal IT systems, introducing malware, executing reconnaissance, and stealing data.
Lumen Response to Attacks
The company has informed law enforcement and is working with other companies to manage the incident. Lumen has initiated measures for business continuity to restore the operations of its customers’ systems.
According to Lumen, the company does not expect these attacks to have any impact on its operations or its financial results.
The company continues to evaluate potential responses to the ransomware attack. In addition, the company is continuing to assess the potential impact of both events, including whether any personally identifiable or other sensitive information has been exfiltrated.
Lumen responded to these incidents by using a variety of methods to analyse, limit, and resolve the incidents. To ensure the security of its IT systems, Lumen worked with external forensic companies to mitigate the breaches and created contingency plans to restore its customers’ operations and company processes.
Furthermore, Lumen is still evaluating the possible consequences of both incidents. This includes determining if any private data or other sensitive information has been deleted.
According to Mike Parkin, who is a senior technical engineer at Vulcan Cyber:
Lumen claims that the attackers were only able to affect a limited number of systems, and without evidence to the contrary there’s no reason to doubt them. However, it’s likely that there will be fallout in lost customer confidence and possible additional damages to the customers themselves.
Lumen has not disclosed the number of customers affected by the attack or whether the company communicated with the attackers. Additionally, the type of ransomware used has not been revealed.
Successful ransomware attacks are most-often preceded by phishing emails. Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.