Tuesday , February 27 2024
TIETOEVRY

Swedish customers affected
Akira ransomware hits cloud service Tietoevry

A ransomware attack on a data center run by Finnish IT company Tietoevry has caused widespread outages in Sweden, affecting healthcare, government services, retail outlets, and the largest cinema chain in the country.

Tietoevry, a publicly traded company based in Espoo, Finland, reported that an attack occurred over the weekend. The attack affected one of their Swedish data centers and caused outages for Swedish customers.

CISA Issues Alert on APT29’s Cloud Infiltration Tactics

CISA and the UK's NCSC released a joint advisory about new tactics of Russian Foreign Intelligence Service (SVR) cyber actors....
Read More
CISA Issues Alert on APT29’s Cloud Infiltration Tactics

Bangladesh to form ‘Cyber Police Unit’: PM Sheikh Hasina

The Prime Minister of Bangladesh Sheikh Hasina has announced to form ‘Cyber Police Unit’, a separate unit to combat cyber...
Read More
Bangladesh to form ‘Cyber Police Unit’: PM Sheikh Hasina

Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

A critical security vulnerability has been revealed in the widely used WordPress plugin called Ultimate Member, which is installed on...
Read More
Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

Chainalysis Report
$100 million in crypto payments to Myanmar scam syndicate

Investigators found that two cryptocurrency addresses linked to a company in Myanmar received nearly $100 million in deposits in less...
Read More
Chainalysis Report  $100 million in crypto payments to Myanmar scam syndicate

Microsoft released PyRIT, A Tool For Generative AI Systems

Microsoft has released a new open automation framework called PyRIT (Python Risk Identification Toolkit). It helps security professionals and machine...
Read More
Microsoft released PyRIT, A Tool For Generative AI Systems

NCSA organized a seminar on ‘Safe Internet Usage’ in Rangpur

The National Cyber Security Agency  (NCSA) rganized a seminar on 'Safe Internet Usage' at Rangpur District Shilpakala Academy Auditorium. Over...
Read More
NCSA organized a seminar on ‘Safe Internet Usage’ in Rangpur

LockBit new .onion address
LockBit returns; new five victims disclosed

LockBit restarted their ransomware operation on a new infrastructure after law enforcement disrupted their servers. Now, they threat to target...
Read More
LockBit new .onion address  LockBit returns; new five victims disclosed

Cyberattack halts Malawi Immigration Dept. Passport Services

The government of Malawi has stopped giving out passports after a cyber-attack on the immigration service's computer network. President Chakwera...
Read More
Cyberattack halts Malawi Immigration Dept. Passport Services

LockBit Reestablishes Dark Web Leak Site: Report

The LockBit ransomware group reactivated a hidden website on the dark web. They posted a long message written by their...
Read More
LockBit Reestablishes Dark Web Leak Site: Report

0/1 click Facebook account takeover; Nepalis talent rewarded

eta ranked Nepal's cyber security researcher Samip Aryal first in the White Hack (Hall of Fame) for finding a vulnerability...
Read More
0/1 click Facebook account takeover; Nepalis talent rewarded

The company, which last reported annual revenue of $3.3 billion, has 24,000 employees and counts customers in over 90 countries.

Tietoevry informed Swedish customers about the attack on Saturday. They isolated the attacked infrastructure to contain the incident. The company apologized for the inconvenience caused and assembled teams to fix the attack and restore the systems.

Tietoevry cannot estimate how long it will take to restore everything due to the nature of the incident and the number of customer-specific systems. It may take several days or even weeks. They are working to resolve it as soon as possible in collaboration with the affected customers.

“We sincerely apologize for the problems this malicious attack is causing for our customers and everyone that is impacted by this,” Venke Bordal, head of market in Sweden for Tietoevry Tech Services, said in a statement. “We have allocated all necessary resources to address this with full attention.”

Several Swedish organizations have reported IT outages due to a ransomware attack. The attack has also affected Tietoevry’s managed HR and payroll system, known as Primula. This system is used by around thirty government authorities, as well as many universities and colleges. Institutions such as Karolinska Institutet, Linnaeus University, Lund University of Technology, Swedish University of Agricultural Sciences, and University West have all experienced issues with their payroll systems or other disruptions due to this attack.

Uppsala County officials in Sweden are dealing with a crisis as the region’s medical records and financial systems went offline. They are concerned that the situation could get worse if the systems are not restored promptly.

“There is no immediate risk to patients due to the IT disruption, but we are forced to use backup routines and manual handling in healthcare to a lesser extent. This means that administrative procedures can take a little longer than they usually do,” said Mikael Köhler, director of health and medical care in the Uppsala region, said in a statement on Sunday, according to a machine translation.

Köhler said officials are working to promptly notify private healthcare providers in Uppsala about the outages.

The municipalities of Bjuvs and Vellinge experienced issues with their payroll systems. Vellinge also reported that their library systems are currently offline.

Sweden’s national government service center, Statens, has been affected by the outage. However, the organization has assured that government salaries for this month will still be paid. They had already processed the payroll data and sent the payments to banks before the attack happened.

Sweden’s largest cinema chain, Filmstaden, can’t sell advance tickets on its website or app due to the outages. Granngården, one of Sweden’s largest retailers, closed its over 100 retail outlets because of the attack. The company told customers they hope the problem will be resolved soon.

The Tietoevry data center was targeted in a ransomware attack. It provides enterprise hosting for managed cloud services, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform reported Bleeping Computer.

The company statement reads, “the ransomware attack on one of Tietoevry’s datacenters in Sweden has impacted Tietoevry’s services to a limited group of customers in Sweden. The affected platform was isolated immediately, and the attack has not impacted other parts of Tietoevry’s infrastructure. As of today, Monday 22nd January, the work to restore the impacted services is progressing.

The malicious attack based on Akira ransomware on one of our datacenters in Sweden took place during the night of January 19-20. Tietoevry takes the situation very seriously and has an extensive team of experts and technicians working around the clock to minimize the impact and restore services.

Tietoevry has over the weekend completed the thorough preparations essential for initiating restoration of the customer-specific services. Currently, Tietoevry cannot say how long the restoration process as a whole will take – considering the nature of the incident and the number of customer-specific systems to be restored, the total timespan may extend over several days, even weeks. We are focused on resolving this as soon as technically possible, in close collaboration with the customers in question.

“We understand that this situation is challenging for the impacted customers, and we are making every effort to ensure that they are kept up to date on the progress being made. We regret the inconvenience caused by this malicious attack on our customers and all those affected by it. Our priority is to continue with bringing our customers services back safely and efficiently”, says Venke Bordal, Head of Tietoevry Tech Services Sweden.

Tietoevry has increased the preparedness and surveillance of its infrastructure overall as a security measure. Tietoevry is collaborating with relevant authorities and has filed a report to the Swedish police.”

Check Also

4.0

TrendMicro Research
LockBit-NG-Dev, might consider a true 4.0 version

LockBit ransomware creators were working on a new version of their file-encrypting malware, called LockBit-NG-Dev, …

Leave a Reply

Your email address will not be published. Required fields are marked *