Content, Ransomware

CyrusOne Ransomware Attack Impacts 6 MSP Customers


CyrusOne has suffered a ransomware attack that impacted six managed services customers, the data center provider confirmed today.

According to a statement from CyrusOne:

  • The impacted customers are primarily serviced by CyrusOne’s New York Data Center.
  • The company's Data center colocation services, including IX and IP Network Services, are not involved in this incident.
  • The investigation is ongoing and CyrusOne is working closely with third-party experts to address this matter.

The attack involved REvil (Sodinokibi) ransomware, ZDnet reports. That same ransomware knocked out 400 U.S. dental offices in August 2019.

CyrusOne Ransomware Attack: Wall Street's Brief Reaction

CyrusOne is a publicly held REIT (real estate investment trust). The company's stock briefly dropped about 5 percent earlier today on the ransomware attack news. But shares quickly recovered as it became clear that the attack was limited to a handful of customers in one data center.  Still, CyrusOne has not disclosed the size, user base or IT workloads of the customers involved.

CyrusOne runs a sizable data center business. Revenue was $250.9 million for the third quarter, compared to $206.6 million for the same period in 2018, an increase of 21%, the company disclosed in October 2019.

This is a latest in a growing list of ransomware attacks that have hit MSPs (managed IT services providers), cloud service providers (CSPs) and data center companies. The FBI has repeatedly warned service providers that they are prime targets for such attacks.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.