December 2, 2023

The multibillion-dollar know-how providers agency CDW mentioned it’s investigating claims made by a ransomware gang that knowledge was stolen throughout a cyberattack.

A spokesperson for the corporate – which reported revenues over $23 billion in 2022 – mentioned they’re presently “addressing an remoted IT safety matter related to knowledge on a number of servers devoted solely to the inner assist of Sirius Federal, a small U.S. subsidiary of CDW-G.”

CDW-G is a secondary division of the corporate devoted to offering know-how providers to U.S. authorities organizations like faculties, hospitals and state-level entities.

“These servers, that are non-customer-facing, are remoted from our CDW community and different CDW-G techniques. Our safety protocols detected and contained suspicious exercise associated to those servers,” the spokesperson mentioned.

“We instantly launched an investigation with the assist of main inside and exterior cybersecurity consultants. As well as, now we have contacted acceptable authorities authorities concerning this matter.”

The corporate has confronted no operational points and haven’t seen proof of any assaults on different CDW techniques.

CDW additionally addressed claims made this week by the LockBit ransomware gang, which demanded an $80 million ransom in return for the information however was solely supplied $1 million, allegedly. A consultant of the gang even spoke to a information outlet to complain concerning the lowball supply.

“We’re conscious {that a} third social gathering has made knowledge out there on the darkish net which it claims to have taken from this setting,” CDW mentioned. “As a part of the continued investigation, we’re reviewing this knowledge and can take acceptable motion in response – together with instantly notifying anybody affected, as acceptable.”

Cybersecurity professional Jon DiMaggio – who beforehand infiltrated the LockBit group – said the information leaked from CDW “appears to be like fairly unhealthy” from each a safety and enterprise standpoint.

“Knowledge within the archives recommend it’s related to worker badges, audits, fee payout knowledge, and different account-related info,” he mentioned.

If correct, the $80 million demand can be one of many highest ever aired publicly. The REvil ransomware gang requested for $50 million in 2021 from Taiwanese pc maker Acer.

The LockBit ransomware gang continues to function with close to impunity, remaining probably the most prolific attackers presently working. The gang crippled a significant hospital community in New York, a metropolis in France and {an electrical} group run by the federal government of Montreal all within the final month.

Final week they attacked a faculty district in Virginia.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

No earlier article

No new articles

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than transferring again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.