US email provider destroyed by hacker
US-based email provider VFEmail.net was the victim of a catastrophic cyberattack, with unknown hackers destroying its entire infrastructure for no apparent reason.
In spooky messages posted to VFEmail’s Twitter account last night, the provider warned that all of its external systems in multiple data centers were offline.
Two hours later, VFEmail revealed that the attacker was caught formatting the company’s backup server, lamenting “I’m afraid all US-based data is lost.”
Shortly after, the account confirmed via Twitter that “all drives on every server” had been erased, wiping out virtually all of the company’s infrastructure overnight. In an alert status displayed during the attack, the company warned that it had “suffered catastrophic destruction.”
The motivation behind the attack is currently unclear. There had been no ransom demand and the author did not appear to be interested in the data theft; the company confirmed to an affected customer that even though the data was encrypted, “it doesn’t matter. They just formatted everything.”
The company also noted in a tweet that all of its virtual machines were destroyed even though they used a different authentication, which suggests that the author may have used inside information.
The individual behind the company’s Twitter account raised the possibility of recovering the hacker’s single file server whose formatting they detected, but warned that “most of the infrastructure is lost.”
Ian Thornton-Trump, IT pro panelist and EMEA cybersecurity manager for AmTrust International, compared the incident to the 2014 attack on code hosting service Code Spaces.
“They were so damaged that they went bankrupt,” he said. “This is business destruction at cloud speed. I’ll bet money they didn’t have MFA on privileged accounts and / or a vulnerability management program in place.”
“What makes me sympathetic,” he continued, “is that this attack could happen to any ‘100% cloud’ business. So figure out your plan to recover or not be hit in the first place. – do yourself a favor, the customers a favor and the regulator a favor: take security seriously before you find out how bad your security is with a free pentest. “
The VFEmail website is currently inaccessible and the full status of its services to customers is unknown. IT pro contacted VFEmail for more information on the potential motivation behind the hack and its current status, and will update this story as it develops.
The Total Economic Impact ™ of Dell EMC PowerScale Storage Deployment
Cost savings and business benefits of deployment
The Definitive Guide to Cloud Migration
Migrate applications to the public cloud with multi-cloud infrastructure solutions
Carry out the modernization of the network for the coming decade
An IDC white paper
APEX Custom Solutions
A study of consumption models according to storage uses