BrianKrebsAug 24, 2023

Yikes!

"CloudNordic has told customers to consider all of their data lost following a ransomware infection that encrypted the large Danish cloud provider's servers and "paralyzed CloudNordic completely," according to the IT outfit's online confession.

"The intrusion happened in the early-morning hours of August 18 during which miscreants shut down all of CloudNordic's systems, wiping both company and customers' websites and email systems. Since then, the IT team and third-party responders have been working to restore punters' data — but as of Tuesday, it's not looking great."

https://www.theregister.com/2023/08/23/ransomware_wipes_cloudnordic/

Criminals go full Viking on CloudNordic, wipe all servers and customer data

IT outfit says it can't — and won't — pay the ransom demand

The Register
Show threadBrianKrebsAug 24, 2023

This also is terrifying:

CloudNordic says its "best estimate" is that the infection happened as servers were being moved from one datacenter to another.

Some of the machines were apparently infected before the move, and during the transfer servers that had been on separate networks were all connected to CloudNordic's internal network. This gave the intruders access to both the central administrative systems, storage, replication backup system and secondary backups, all of which they promptly encrypted for extortion.

Show threadDebabrata Bhattacharya || SE || 💉💉💉
@briankrebs New fear unlocked
Aug 24, 2023 at 1:21pmWeb