Sandhills Shut Down by Ransomware Attack
The Website for Sandhills Global and All Their Hosted Publications Went Offline.
Sandhills Global is a privately held information processing firm based in the United States that creates a wide range of products and services, ranging from well-known trade magazines and websites to hosted technology services.
The transportation, agricultural, aerospace, heavy machinery, and technology industries are the company’s primary customers. TractorHouse, Machinery Trader, Machinery Trader Auction Results, Truck Paper, RentalYard, and AuctionTime, as well as Controller, Executive Controller, and Charter Hub, are among its trade magazines.
A website is available for each print newspaper.
The publication giant suffered a ransomware attack that unfortunately caused hosted websites to become inaccessible, in this way disrupting their business operations.
A Ransomware Attack Hit Sandhills Global
Sandhills Global’s website, as well as all of their hosted publications, went offline recently, and their phones stopped working.
When users tried to visit websites hosted on Sandhills’ platform, they were greeted with a Cloudflare Origin DNS error page, indicating that Cloudflare is unable to connect to Sandhills’ servers.
The outages are thought to be the outcome of a Conti ransomware attack.
The attack took place early Thursday morning, prompting the firm to take down all of its IT systems in order to prevent the hack from spreading.
The Conti gang usually extracts files before encrypting devices during cyberattacks in order to gain more leverage during extortion attempts. They then demand multi-million dollar ransom payments in exchange for a decryption key and a pledge not to reveal the stolen data.
It’s unknown how much the Conti demands from Sandhills or whether they hacked any information.
The journalists at BleepingComputer contacted the firm, and even if they did not receive a response at the time, they were given access to an email addressed to consumers.
Sandhills Global is currently responding to a ransomware attack that impacted our operations. Systems and operations have been temporarily shut down to protect data and information, and we have retained cybersecurity experts to assist us with the investigation, which is ongoing. We are working actively and diligently with the assistance of our retained experts to fully restore operations.
At this time, we are continuing to investigate whether any of our client’s information has been accessed or impacted by this incident. At this time, we have not discovered evidence that confirms that customer information has been compromised. Please know that our clients are our number one priority and we are working diligently to restore operations and remediate the attack. At this time, our ability to respond to your messages may be delayed. We appreciate your patience and deeply regret any inconvenience this may cause.
We will provide updates regarding this matter and the status of our services as soon as possible.
How will I be contacted on outcome?
looks like at least some of their sites are back online as of 4:30p, Oct. 4