[BreachExchange] Cloud hosting provider Netgain struck by ransomware attack

[Destry Winant]

https://siliconangle.com/2020/12/09/cloud-hosting-provider-netgain-struck-ransomware-attack/

Cloud hosting and information technology services provider Netgain
Technology Inc. has been struck by a ransomware attack that has forced
the company to take some of its data centers offline.

According to Bleeping Computer Wednesday, the ransomware attack was
first reported by Netgain to its customers on Nov. 24. An email Dec. 4
warned customers of “system outages or slowdowns” from an ongoing
cyberattack targeting the hosting provider. Another email Dec. 5 to
customers stated that Netgain had been forced to shut down some of its
data centers to isolate and contain the ransomware attack.

The company has not publicly commented on the reports either on its
website or on social media channels. A client of Netgain, Crystal
Practice Management, emailed its customers Wednesday saying that it
had a briefing with the hosting provider. It was told that thousands
of Netgain servers had been affected by the ransomware attack and that
the company was working around the clock to get the servers back
online.

Exactly how many clients have been affected is unknown. Netgain
provides cloud hosting and IT services to the healthcare industry and
financial services providers. The website for Crystal Practice
Management remains offline.

Given that ransomware attacks in 2020 increasingly involved the theft
of data, that the company has yet to publicly disclose the attack
themselves is surprising. At the very least, it will likely have
clients in California and will be bound by the California Consumer
Privacy Act, and if it has clients in Europe, the European Union
General Data Protection Regulation comes into play.

“The ransomware attack on Netgain spotlights the devastating impact a
ransomware attack can have, not just on the victim, but its customers
as well.” Sanjay Jagad, senior director of products and solutions at
enterprise data storage company Cloudian Inc., told SiliconANGLE.
“Given the increasing sophistication of ransomware, any company could
suffer an attack spanning multiple weeks, like Netgain.”

Trevor Morgan, product manager with data security specialists comforte
AG, noted that Netgain has apparently been working proactively to
isolate and mitigate the situation while keeping the customer base
fully informed.

“This response is appropriate and admirable given the situation,”
Morgan explained. “In the wake of these types of data security
incidents, the best-case scenario is that the service disruptions are
a nuisance but that sensitive data remains protected.”

Morgan said the incident offers a lesson to others. “If your business
relies on cloud services for data handling, processing, and storing,
you are responsible for the protection of sensitive data,” he said.
“If regulations are broken, your business must answer for the way that
you handle and protect peoples’ sensitive data in the cloud. This
should not inspire fear but rather should encourage you to reassess
how you are protecting your customers’ most sensitive, private
information no matter where that data is.”