Cetrom, which provides cloud hosting services to organizations including CPA firms, has been down since Friday, May 24. On May 29, the company made its first public announcement about the situation, stating it was hit by malware and that Cetrom chose to shut all systems down to proactively prevent the widespread compromise of data.
The full statement, which is included below, explained that Cetrom is working with a third-party forensic security company as well as law enforcement to ensure all systems are safe and stable before bringing them back up. A letter sent to the American Educational Research Association, a customer of Cetrom’s, stated that the FBI and the Secret Service are investigating the attack.
Cetrom also said that this malware program appears similar in nature to the type that hit CCH, Citrix, Baltimore City, Miami and the Philadelphia court systems recently.
“Our goal is to get systems back to clients as quickly as possible,” the statement read. “To do this effectively, we must proceed with caution and be diligent in running manual scans on every server.”
Cetrom has not responded to requests for comment.
The full statement is as follows:
“On Friday, May 24, we became aware that Cetrom was hit with a malicious virus. The Cetrom team proactively shut all systems down and has been working around the clock on this issue. We are currently working with a third-party forensic security company and law enforcement to ensure that all systems are safe and stable.
As of 5:30 p.m. Eastern time, Wednesday, May 29, we do not have any indication or evidence that data has been exfiltrated.
For those affected by this outage, we are so sorry for the impact this has had on your business. We understand that this can be frustrating, and hope to provide you with regular updates on the situation. At this time, we respectfully request that you refrain from calling our support line to allow our engineers to continue working on this issue.
This virus appears to be similar to the virus that CCH, Citrix, Baltimore City, Miami, and the Philadelphia court systems were recently affected by. Our goal is to get systems back to clients as quickly as possible. To do this effectively, we must proceed with caution and be diligent in running manual scans on every server.
Although we are working on this as fast as we can, the process takes time. As systems become available, we will be contacting POCs directly. Currently, we do not have specific resolution times.
We appreciate your continued understanding and patience as we work to resolve this issue. We will continue to keep you updated and will send a notice to clients at 10 p.m. Eastern time today.”
Editor’s note: A previous version of this article used the word “breach” instead of “outage.” Breach is inaccurate as it does not appear that data from Cetrom has been exfiltrated.
For reprint and licensing requests for this article, click here.