Telecom giant Lumen suffered a ransomware attack and disclose a second incident

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack.

In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did not provide details about the family of ransomware that infected its systems, it only admitted that the incident “is currently degrading the operations of a small number of the Company’s enterprise customers.”

“On March 27, 2023, Lumen announced two cybersecurity incidents. First, last week the Company discovered that a malicious intruder had inserted criminal ransomware into a limited number of the Company’s servers that support a segmented hosting service.” reads the 8-k form filed by the company with SEC. “This intrusion is currently degrading the operations of a small number of the Company’s enterprise customers.”

After the discovery of the ransomware attack, Lumen implemented enhanced security software that allowed the company to discover a separate intrusion. In this second incident, a sophisticated intruder accessed a limited number of the Company’s internal information technology systems. The attackers were able to conduct reconnaissance of these systems, installing malware and extracting a relatively limited amount of data.

“Based on its ongoing investigations described below and information known at this time, the Company does not believe the incidents have had or will have a material adverse impact on its ability to serve its customers or its business, operations, or financial results.” continues the form.

Lumen notified law enforcement authorities and reported the incident to the impacted customers. The company launched an investigation into the incident with the help of forensic to determine the extent of the intrusion.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Lumen)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.