In July 2021, REvil ransomware launched a supply chain attack on Kaseya, affecting over 1,500 businesses globally. The attack prompted President Biden to call on President Putin to address cybercriminals in Russia, warning that the U.S. will take action if the Russian government refuses to do so. The attack had significant consequences, including high ransom demands and substantial financial losses for the affected businesses.
TPRM report: https://scoringcyber.rankiteo.com/company/kaseya
"id": "kas903062325",
"linkid": "kaseya",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Over 1,500 businesses',
'industry': 'Technology',
'location': 'Global',
'name': 'Kaseya',
'type': 'Organization'}],
'attack_vector': ['Carding', 'Malware Distribution'],
'date_detected': '2019-04-01',
'date_publicly_disclosed': '2022-01-01',
'date_resolved': '2022-01-01',
'description': 'Four REvil ransomware members arrested in January 2022 were '
'released by Russia on time served after they pleaded guilty '
'to carding and malware distribution charges. The REvil gang '
'was involved in multiple high-profile ransomware attacks, '
'including the Kaseya supply chain attack.',
'impact': {'financial_loss': 'Over $100 million',
'systems_affected': 'Over 1,500 businesses globally'},
'investigation_status': 'Resolved',
'motivation': 'Financial Gain',
'ransomware': {'ransom_demanded': 'High ransom payments',
'ransomware_strain': 'REvil (Sodin, Sodinokibi)'},
'references': [{'source': 'Russian state-owned news agency TASS'},
{'source': 'Kommersant'}],
'response': {'law_enforcement_notified': 'Yes'},
'threat_actor': 'REvil Ransomware Gang',
'title': 'REvil Ransomware Members Arrested and Released',
'type': 'Ransomware'}