In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did not provide details about the family of ransomware that infected its systems, it only admitted that the incident “is currently degrading the operations of a small number of the Company’s enterprise customers.”
“On March 27, 2023, Lumen announced two cybersecurity incidents. First, last week the Company discovered that a malicious intruder had inserted criminal ransomware into a limited number of the Company’s servers that support a segmented hosting service.” reads the 8-k form filed by the company with SEC. “This intrusion is currently degrading the operations of a small number of the Company’s enterprise customers.”
After the discovery of the ransomware attack, Lumen implemented enhanced security software that allowed the company to discover a separate intrusion. In this second incident, a sophisticated intruder accessed a limited number of the Company’s internal information technology systems. The attackers were able to conduct reconnaissance of these systems, installing malware and extracting a relatively limited amount of data.
“Based on its ongoing investigations described below and information known at this time, the Company does not believe the incidents have had or will have a material adverse impact on its ability to serve its customers or its business, operations, or financial results.” continues the form.
Lumen notified law enforcement authorities and reported the incident to the impacted customers. The company launched an investigation into the incident with the help of forensic to determine the extent of the intrusion.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Lumen)