Ransomware, Content

Pitney Bowes Ransomware Attack: Many Systems Restored

Pitney Bowes has suffered a RYUK ransomware attack that encrypted information on some systems and disrupted customer access to services, the shipping and e-commerce company disclosed on October 14.

Credit ratings agency Mooody's is watching the situation closely for any indications that the attack will potentially impact Pitney Bowes' financial footing -- though Moody's believes the company is currently in a "solid financial position," CNBC reports.

Among the Pitney Bowes applications impacted were postage meter users, though it sounds like most systems are now restored. According to an October 17 update from Pitney Bowes:

"The restoration of our meter refill system is now fully complete for clients in US and Canada. All clients, including SendPro C clients, can now connect to the meter refill system to add postage to their mailing and shipping devices. We continue to work on restoring all other systems and will provide updates."

The situation wasn't as upbeat earlier this week. The company on October 15 stated:

"All cross border and shipping technology customers continue to receive uninterrupted service and are not affected. We have brought many of our most important sortation facilities back online and we are moving delivery parcels through our network again. Fulfillment has been more complex to solve, and we have begun to restart facilities. Further updates to follow."

Pitney Bowes Ransomware Attack: Consultants Assist Recovery Effort

Pitney Bowes is working with third-party consultants and security experts to resolve the issues, though the company did not mention the third-party experts by name.

Pitney Bowes has seen no evidence that customer accounts or data have been impacted, the October 14 statement said.

The company plans to disclose more information, as it becomes available, at this web address: www.pb.com/systemupdate. That URL includes a lengthy list of systems that were not working as of October 14, though most systems have since been restored.

Pitney Bowes did not disclose whether the attack directly targeted an employee, or whether the attack came in through the company's supply chain or a third-party service provider. The company also did not disclose whether MSSPs (managed security services providers) were monitoring the company's network ahead of the attack.

Pitney Bowes Ransomware Attack: Long-term Impact?

Pitney Bowes is publicly held (NYSE: PBI) and has roughly 13,300 employees worldwide. The company's clientele includes roughly 90 percent of the Fortune 500. The company's next earnings call is scheduled for Tuesday, November 5.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.