November 25, 2024 at 06:00AM
Microlise confirmed a cyberattack in October resulted in data theft and disruption of tracking systems for DHL and Serco. The company has nearly restored services and reported potential employee data compromise. The SafePay ransomware group claimed responsibility, alleging theft of 1.2 terabytes of data and employing double-extortion tactics.
Here are the key takeaways from the meeting notes regarding the cyberattack on Microlise:
1. **Incident Confirmation**: Microlise, a UK vehicle tracking solutions provider, confirmed a cyberattack occurred in October, resulting in data theft from its systems.
2. **Disruption Impact**: The attack disrupted a significant portion of Microlise’s network, affecting tracking systems and emergency alarms in prison vans and courier vehicles operated by DHL and Serco.
3. **Restoration Progress**: One week post-incident, Microlise reported a restoration of most services, although concerns remain about potential employee data compromise.
4. **Status Update to Stakeholders**: Microlise communicated to the London Stock Exchange that the majority of customer systems are back online, and it reassured that no customer data was compromised.
5. **Notification to Authorities**: The company has informed international authorities regarding the stolen corporate data from its headquarters but has not disclosed specific details.
6. **Ransomware Claim**: Shortly after Microlise’s update to the stock exchange, the SafePay ransomware group claimed responsibility for the attack, alleging the theft of 1.2 terabytes of data.
7. **Ransomware Group Profile**: SafePay is noted for using LockBit-based ransomware and employs double-extortion tactics, having claimed responsibility for over 20 attacks to date.
8. **Future Communications**: SecurityWeek is awaiting a response from Microlise for further details on the cyberattack.
These points summarize the critical elements of the cyberattack’s impact on Microlise and the ongoing situation surrounding data security and recovery.