Another IT Provider Hacked

We just finished writing about an IT provider of managed services in Colorado who was hacked, and in turn all or most of their customers were hacked as well.

Well, it’s another day and this time the story comes from California.

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible.

Irvine, Calif.-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries, including state and local governments, financial services, healthcare, manufacturing, media, retail and software. The company has nearly a thousand employees and brought in more than $100 million in revenue in the past year, according to their Web site.

Much like other ransomware gangs operating today, the crooks behind Sodiniokibi seem to focus on targeting IT providers.

Every single IT provider is now a major target, because by successfully compromising a single IT provider attackers compromise dozens or hundreds of other companies in the process.

If you aren’t asking your current IT provider what they are doing to make sure that their own house is in order, you aren’t doing your due diligence.