Axido, an IT services company, is grappling with a significant cyberattack that has led to the shutdown of its systems. As of June 12, 2024, the company discovered potential compromise of privileged access, and days later, evidence of this access being sold on a forum was found. In response, Axido has isolated its information systems and is working with an independent expert firm recommended by ANSSI to investigate the incident and mitigate its impacts.
The company has confirmed that its production environment for hosted customers has been encrypted, indicating a ransomware attack. Although Axido has yet to reveal the specific ransomware or brand involved, it has chosen not to contact the attackers, following recommendations from ANSSI. The attack has prompted Axido to focus on thorough analysis to prevent the restoration of compromised data.
Investigations are ongoing, and Axido acknowledges that restoring its systems will be a lengthy process. The company is working on eliminating any traces of the attackers and securing its infrastructure. Axido’s efforts are aimed at ensuring data security and preparing for the eventual resumption of services, although exact timelines for recovery remain uncertain.
Throughout this ordeal, Axido has emphasized its commitment to protecting customer data and addressing the attack’s effects comprehensively. The company is prioritizing security over rapid recovery to avoid potential pitfalls, demonstrating a cautious approach in response to the severe disruption caused by the cyberattack.
Reference:
