Cloud Computing provider iNSYNQ hit with ransomware attack

• Attackers infected iNSYNQ’s computer network with ransomware impacting customer data.
• A customer tweeted that iNSYNQ’s backups were stored on a separate server but on the same network which was affected by the ransomware attack.

Cloud computing provider iNSYNQ suffered a ransomware attack forcing the company to shut down some of its servers in order to prevent the ransomware infection from spreading.

The big picture

On July 19, 2019, attackers infected iNSYNQ’s computer network with ransomware impacting customer data. Upon learning the incident, the cloud computing provider shut down some of its servers in the iNSYNQ environment.

“We are taking measures to get your data and environments back up and running as soon as possible. We continue to make progress and are hopeful this happens soon. We understand that customers want all details of the situation and we would, too. We are doing our best to share as much information as possible while still ensuring we are able to securely restore access to your data. We’ll continue to follow up as we have more clarity on the situation,” iNSYNQ said in a status update.

What actions have been taken?

• The Cloud computing provider has taken the necessary steps to contain the ransomware and protect its client data.
• The organization has engaged cybersecurity experts to assist them in restoring the impacted data.
• They are also working in order to restore backups.

A customer tweeted that iNSYNQ’s backups were stored on a separate server but on the same network which was affected by the ransomware attack.

“@insynq Just spoke w/someone there. Said backups were a sep server but same network. They believe they will be able to recover all data but are chkg all files to be sure there is no malicious garbage still in the files. Asked if it would be days or weeks - hope just days,” the tweet read.

What was the response?

iNSYNQ's CEO Elliot Luchansky sent notification letters to its customers informing them about the incident. In the letter, the CEO explained that iNSYNQ team is working diligently to restore clients’ data, however, when the customers’ environments will be back up is not yet known.

“Understandably, there have been many requests for backups I want to be very clear that we are not withholding data or backups, we simply cannot safely access them at this time. We'll still doing everything in our power to ensure that the backups are available to you once we have addressed the underlying problem. Our entire team is working diligently to protect and restore access to your impacted data,” Luchansky said in the letter.

“We contained the situation as soon as we became aware of it. There is no evidence to suggest that any of your files have been copied from the iNSYNQ environment. The issue at hand centers on being able to access your files that have been encrypted; it is not a matter of your data being stolen or copied,” Luchansky added, BleepingComputer reported.