Data center provider Equinix said its systems have been subject to a ransomware attack.
They were the colocation giant’s own systems, and the attack did not affect any of its customers, the company said in a blog post Wednesday evening US Pacific time.
“Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems. Our teams took immediate and decisive action to address the incident, notified law enforcement and are continuing to investigate. Our data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers. Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix. The security of the data in our systems is always a top priority and we intend to take all necessary actions, as appropriate, based on the results of our investigation.”
The Redwood City, California-based company is the world’ largest data center provider by revenue. It operates more than 200 data centers across 55 markets around the world.
The company didn’t offer any detail about the ransomware incident. Bleeping Computer claims to have gotten a copy of the ransom note Equinix received. According to the news site, the note included a screenshot of folders with the encrypted files. Folder names indicate that they contain a lot of sensitive data, such as financial, legal, and payroll information.
The note reportedly made a threat that the encrypted files would be posted online and made publicly available had Equinix not paid the ransom within three days of the attack. Bleeping Computer concluded that the attack came this past weekend. A link in the ransom note lead to a ransomware payment site that indicated that the amount being asked was $4.5 million, or 455 bitcoin, which would double if not paid after a certain period, Bleeping Computer said.
While most ransomware attacks target individual users, attacks on large IT organizations and their data centers have been on the rise. Aluminum producer Norsk Hydro; data center provider CyrusOne; University of California, San Francisco; and the Texas court system have been victims of some of the most recent such attacks.
An IT organization has multiple options when its data center gets attacked by ransomware. To learn what those options are, and what are the pros and cons of each, read the DCK special guide to ransomware.
DCK is working to find more information on the incident. Contact us confidentially via Signal: +1.925.788.0235