Following is an update on our progress regarding the May 6 interruption of our network and services.
We have now restored service to nearly all customer applications and platforms. To date, we have found no evidence that customer data or systems were compromised.
As previously stated, on Monday May 6, our IT team detected anomalies in some devices and servers and, upon investigation, discovered malware. The malware detected was a new (“zero-day”) strain, for which the signature was then unknown, and there was not an existing antivirus solution available to detect the presence of the malicious code. The malware involved in this incident is designed to infiltrate, encrypt files, and disrupt business.
In response, out of extreme caution, we took a very broad range of customer and internal applications and platforms (including our VoIP phone systems) offline. We notified law enforcement regarding the incident.
After initially containing the malware, we began reinforcing protective measures. Our enterprise anti-virus vendors have provided us with updated detection files. Over several days, we then worked to bring systems and applications back on-line. This process involved system-by-system and application-by-application assessment, scanning, testing, and quality assurance protocols designed to provide protections that when we return to service, we do so in a safe and secure way.
Our investigation of the incident is on-going. Further updates will be provided.