The U.S. Fourth of July holiday weekend saw a flood of news coverage regarding Kaseya, an IT Services management firm. Kaseya announced they were the victim of a sophisticated cyber-attack using a complex ransomware variant against their VSA platform. This lead to 1,500 of their customers being compromised.
Kaseya’s current guidance is that only customers with on-premise VSA servers are at risk.
Nuspire is a user of Kaseya’s SaaS-based solution and received a notification from Kaseya over the weekend. For precautionary measures, we immediately began tracking the incident. We have no reason to believe we have been compromised and have not detected any indicators of compromise.
At this time, Kaseya’s SaaS services are not running, this has impacted the ability of Nuspire to administer IT assets for all Kaseya customers such as configuration of changes, deployment of software, patch systems or inventorying configurations. As soon as we receive confirmation from Kaseya that everything is operating normally, we will resume these services and continue to proactively monitor for suspicious behavior.
Your security is important to us. If you are a current customer of Kaseya with an on-premise VSA device, Kaseya’s recommendation is to keep the VSA devices off until a patch procedure and associated patch is developed. If you are concerned that you may be compromised, the incident response team at Nuspire stands ready to assist you. Please don’t hesitate to reach out to us.
For the most recent update on the incident, visit Kaseya’s update page.