Big cloud hosting company goes down completely with ransomware

Netgain, a cloud hosting company, has had to disconnect some of its data centers as a result of a recent ransomware attack. This firm offers web hosting and other cloud computing solutions, including managed IT services for multiple companies, primarily accounting firms and health services organizations.

The company notified its customers via email in recent days, mentioning that the attack, detected on November 24, caused some flaws that could lead to system outages or slowdowns: “We enabled our incident response plan, which requires us to take additional precautionary measures. We expect you to experience system outages or slowdowns over the next few days as we address the issue,” says the email Netgain customers received.

La imagen tiene un atributo ALT vacío; su nombre de archivo es netgain01.jpg

In a later update, the company mentioned that it had to close its data centers to prevent the infection from spreading across its infrastructure: “We want you to know that we understand the impact these failures have on your business. We work 24 hours a day, 7 days a week to contain this incident and restore our services to normal.”

This incident has already impacted third parties. A few hours ago it was revealed that Crystal Practice Management, one of Netgain’s business customers, notified their respective customers of the attack, involving the encryption of thousands of servers from the hosting company, adding that there is no estimated date for the restoration of these resources yet.

La imagen tiene un atributo ALT vacío; su nombre de archivo es netgain02.jpg

In recent days several members of the cybersecurity community have tried to contact Netgain representatives, although the company has not responded to requests for information. At the moment it is unknown which variant of ransomware was used or what amount of attack is required of the company.