Equinix Investigates Ransomware Attack on Internal Systems
Equinix, a global data center and interconnection provider, confirmed a security incident involving ransomware on some of its internal systems. The company detected the attack and took immediate action, including notifying law enforcement, while assuring customers that its data centers and service offerings including managed services remain fully operational.
Equinix emphasized that the incident did not affect customer equipment or data, as most clients operate their own infrastructure within its facilities. The company stated that it is prioritizing the security of its systems and will take further steps based on its investigation.
Reports from Bleeping Computer suggest the attack was carried out by the Netwalker ransomware group, which demanded $4.5 million in Bitcoin, threatening to double the ransom if unpaid. Screenshots indicate that financial records, payroll, accounting, and audit data were targeted, with potential ties to Equinix’s Australian operations.
On September 16, Equinix announced that containment efforts had progressed, preventing the release of any compromised data. By September 17, the company declared the incident fully contained, with internal systems nearing full restoration. Throughout the event, Equinix maintained that customer services and data center operations remained unaffected.
Equinix cybersecurity rating report: https://www.rankiteo.com/company/equinix
"id": "EQU1781519573",
"linkid": "equinix",
"type": "Ransomware",
"date": "9/2020",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'None (customer equipment and '
'data unaffected)',
'industry': 'Technology/IT Infrastructure',
'location': 'Global (potential ties to Australian '
'operations)',
'name': 'Equinix',
'type': 'Data center and interconnection provider'}],
'customer_advisories': 'Assured customers that their equipment and data were '
'unaffected',
'data_breach': {'data_encryption': 'Yes (ransomware encryption)',
'data_exfiltration': 'Threatened but prevented',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Financial records, payroll, '
'accounting, audit data'},
'date_resolved': '2020-09-17',
'description': 'Equinix, a global data center and interconnection provider, '
'confirmed a security incident involving ransomware on some of '
'its internal systems. The company detected the attack and '
'took immediate action, including notifying law enforcement, '
'while assuring customers that its data centers and service '
'offerings including managed services remain fully '
'operational.',
'impact': {'data_compromised': 'Financial records, payroll, accounting, and '
'audit data',
'operational_impact': 'Internal systems affected; customer '
'services and data center operations '
'remained unaffected',
'systems_affected': 'Internal systems'},
'investigation_status': 'Contained and resolved',
'motivation': 'Financial gain',
'ransomware': {'data_encryption': 'Yes',
'data_exfiltration': 'Threatened but prevented',
'ransom_demanded': '$4.5 million in Bitcoin',
'ransomware_strain': 'Netwalker'},
'references': [{'source': 'Bleeping Computer'}],
'response': {'communication_strategy': 'Assured customers that data centers '
'and service offerings remained '
'operational',
'containment_measures': 'Containment efforts progressed, '
'preventing release of compromised data',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'recovery_measures': 'Internal systems nearing full restoration',
'remediation_measures': 'Internal systems nearing full '
'restoration'},
'stakeholder_advisories': 'Assured customers that data centers and service '
'offerings remained operational',
'threat_actor': 'Netwalker ransomware group',
'title': 'Equinix Ransomware Attack on Internal Systems',
'type': 'Ransomware'}