The world’s largest publishing company, Macmillan, was forced to shut down its offices and systems as they dealt with a potential threat that could have been a ransomware attack. After the attack, which reportedly occurred during the weekend on June 25, the company shut down all of its IT systems to prevent it from spreading.
Publishers Weekly broke the news after receiving emails from Macmillan in which they claimed to have encountered a “security event, which includes the encryption of specific information on our network.” It’s clear that the hack was a ransomware attack because encryption was used.
The organisation’s US sales staff said that the suspension of all digital and physical offices throughout the whole organisation prevented it from processing, receiving, placing, or shipping orders. The ransomware attack also affects the company’s US and UK businesses.
According to Macmillan spokesperson Erin Coffey:
In order to protect our network from additional damage, we immediately took systems offline as a precaution. While these activities are ongoing, clients and other third-party partners could experience some system outages. Please be aware that the Macmillan team is actively upgrading network security measures while also restoring the system.
The media department was unable to be reached since all phone and email systems were down, according to a staff member. About the security breach, Macmillan editors have been unusually open. They informed their clients and agents that they are not being ignored but that they no longer have access to their data, systems, or emails.
As reported by Publishers Weekly, the Macmillan field sales team had issued a warning that the delay might delay the distribution of books. With the ability to access email again, Macmillan has already started putting systems back up.
It is still unknown whether any data was taken in the attack, which has not yet been acknowledged by any significant hackers. Prior to encrypting devices, ransomware attack often steal data in order to use double-extortion threats that threaten to make the stolen material public if the victim does not pay the demanded ransom. If data was exfiltrated during the attack and the ransom is not paid, a ransomware attack would likely upload the stolen files on their data leak site within a few weeks.
Apparently from Macmillan:
Some of the systems, including those we took offline out of precaution, are being brought back online. Gaining access for our employees to important systems has gone well. On June 28, our UK warehouse’s activities were restored. We are taking electronic orders from the US, but we are unable to process them now. As more information becomes available, we’ll keep you informed.
For businesses, installing active security measures before an attack takes place is significantly safer. Threats like these are greatly diminished by limiting the flow of ransomware attack by shutting unused and high-risk ports.
Has your organisation started to increase cyber security measures yet? Start your two-week free trial today.