Cloudstar, a leading IT provider, fell victim to a ransomware attack

A cloud-based IT provider CloudStar became victim to a ransomware attack, and had to take their operations offline. The company also stated that they are in negotiations with the cyber criminals regarding the same.

On Friday 16th, the ransomware had infected Cloudstar systems and the company communicated the same to its customers shortly then. The company also stated that their 0365 mail services are working for fine and still operational.

Cloudstar had used third party forensics Tetra Defense for assistance with recovery and regarding information to law enforcement agencies. While the company is interacting with the threat actors to resolve this issue, the stakeholders of the company are put on hold until the company either resolves this with or without the aid of those ransomware operators.

Cloudstar has been serving finance, real estate and insurance companies with its IT services, and offers a complete IT package for its stakeholders in the United States.

We understand this could be a highly difficult time for Cloudstar and their customers, and the company have also addressed the same via their website. Here’s what the company has to say about the incident,

We are continuing to work around the clock with our third-party experts to investigate the nature and scope of this attack.  We are meticulously scanning our systems to determine exactly which ones were impacted by malware, and which ones may still be viable and/or clean to bring back online. We have also been staying in close contact with law enforcement and working with our customers to relay as much information as possible to help them meet their business needs and make go-forward decisions that are in their best interests and that of the industry’s. 

As soon as we have a definitive timeline to share in terms of when we will be back up and running, we will do so – but we are still very much so in the containment and remediation phase and appreciate our valued partners’ patience at this time. 

Ransomware operators are never slowing down, its only been two weeks since the massive Kaseya VSA attack on MSPs.

We at The Cybersecurity Times are closely monitoring the situation and will share the complete details of the attack as we have more info on this.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.