The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident
The cyberattack resulted in service outages that made it necessary for the MSP’s customers to be disconnected from the network to stop the spread of malware.
CompuCom is an IT managed services provider (MSP) that gives remote support, hardware and software repair but also other technology services to companies, employing approximately 8,000 people.
Some of the past and existing customers of CompuCom include well-known names, like Home Depot, Target, Citibank, Wells Fargo, Truist Bank, and Lowe’s.
When did the attack take place?
From the information given publicly, the breach happened during the weekend. The attack consisted of an outage that didn’t allow customers to access the company’s portal therefore, users landing on the website got a general error message.
According to Bleeping Computer, who got in touch with some of the CompuCom clients, the company began contacting customers in order to alert them regarding this situation, to let them know they might have been compromised by malware soon after the attack.
What risks are the clients facing?
However, customers were not told what type of attack occurred and whether it was ransomware, some sources confirming that CompuCom proceeded to disconnect some customer access to prevent the spread. Another customer stated they were detached from CompuCom’s VDIs (Virtual Desktop Infrastructure) to ensure their data was not affected by the attack.
It’s interesting to notice the profile of ransomware victims in the channel has moved upmarket. If before the victims were small MSPs who provided IT services for dentists and local law firms, now it is represented by high yield technology companies that manage data of Fortune 500 clients.
Heimdal® Threat Prevention - Network
- No need to deploy it on your endpoints;
- Protects any entry point into the organization, including BYODs;
- Stops even hidden threats using AI and your network traffic log;
- Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;
CompuCom stated in a press release that they suffered a ‘malware incident’ but there’s no evidence of this vulnerability spreading to customers’ systems.
“Certain CompuCom information technology systems have been affected by a malware incident which is affecting some of the services that we provide to certain customers. Our investigation is in its early stages and remains ongoing. We have no indication at this time that our customers’ systems were directly impacted by the incident.
As soon as we became aware of the situation, we immediately took steps to contain it and engaged leading cybersecurity experts to begin an investigation. We are also communicating with customers to provide updates about the situation and the actions we are taking.
We are in the process of restoring customer services and internal operations as quickly and safely as possible. We regret the inconvenience caused by the interruption and appreciate the ongoing support of our customers.”
CompuCom has become the fifth high-level solution provider to be attacked by ransomware in the past year, joining Cognizant, Conduent, DXC Technology and Tyler Technologies.