US managed service provider CompuCom has suffered a cyberattack leading to service outages and customers disconnecting from the MSP's network to prevent the overspread of malware.
CompuCom is an IT managed services provider (MSP) that provides remote support, hardware and software repair, and other technology services to companies. CompuCom is a wholly-owned subsidiary of The ODP corporation (Office Depot/Office Max) and employs approximately 8,000 people.
Some of the past and existing customers of CompuCom include well-known names, such as Home Depot, Target, Citibank, Wells Fargo, Truist Bank, and Lowe's.
If you make first-hand information about this or other unreported cyberattacks, you can confidentially contact us on signal at +16469613731 or on wire at @lawrenceabrams-bc.
The onslaught occurred over the weekend
Over the weekend, CompuCom suffered an outage that prevented customers from accessing the company's customer portal to open troubleshooting tickets.
When visiting the portal, the website greeted customers with a general error message stating, An mistake occurred while processing your request.
Error message on CompuCom node portal
Error message on CompuCom client portal
BleepingComputer was told that CompuCom began contacting customers to alert them that they had been compromised by malware soon after the attack. However, customers were not told what typecast of assail occurred and whether it was ransomware.
In later conversations with affected customers, BleepingComputer learned that CompuCom had disconnected their access to some customers to forestall the malware's spread. Another customer told us that they had detached from CompuCom's VDIs (Virtual desktop Infrastructure) to ensure their data was not affected by the attack.
Multiple people also told BleepingComputer that this was a ransomware attack, but we could not confirm independently if this is true.
After reaching out to CompuCom about the attack, the troupe issued a statement to BleepingComputer stating that they suffered a 'malware incident' and that there is no evidence of it spread to customers' systems.
You can read the full CompuCom statement below:
Certain CompuCom information technology systems get been affected by a malware incident which is affecting some of the services that we ply to certain customers. Our investigation is in its early stages and remains ongoing. We have no denotation at this time that our customers' systems were directly impacted by the incident.
As soon as we became aware of the situation, we immediately took steps to contain it, and engaged leading cybersecurity experts to begin an investigation. We are also communicating with customers to provide updates about the situation and the actions we are taking.
We are in the appendage of restoring customer services and internal operations as quickly and safely as possible. We regret the inconvenience caused by the interruption and appreciate the ongoing funding of our customers. - CompuCom
Unfortunately, based on the info BleepingComputer has received and the statement by CompuCom, the companionship has most likely suffered a ransomware attack.
If this turns out to be a ransomware attack, threat actors likely stole unencrypted files.