Kaseya says 800 to 1,500 businesses hit by cyberattack

A sign that reads: "Coop Forum supermarket in Vastberga is closed due to IT disturbances, no prognosis as to when we will open again," on a closed Coop supermarket store in the suburb of Vastberga, Stockholm, Sweden. Cybersecurity teams worked feverishly Sunday to stem the impact of the single-biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. (Jonas Ekstromer/TT via AP, File)
Caption
A sign that reads: "Coop Forum supermarket in Vastberga is closed due to IT disturbances, no prognosis as to when we will open again," on a closed Coop supermarket store in the suburb of Vastberga, Stockholm, Sweden. Cybersecurity teams worked feverishly Sunday to stem the impact of the single-biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. (Jonas Ekstromer/TT via AP, File)

Credit: Jonas Ekstromer

Credit: Jonas Ekstromer

The software company targeted by a holiday weekend ransomware attack said between 800 and 1,500 small businesses managed by its customers were compromised.

Still, Kaseya says the cyberattack it experienced over the July Fourth holiday weekend was never a threat and had no impact on critical infrastructure.

ExploreMeat company JBS confirms it paid $11M ransom in cyberattack

The Dublin-based company said Tuesday that it was alerted on July 2 to a potential attack by internal and external sources. It immediately shut down access to the software in question. The incident impacted about 50 Kaseya customers.

A sign reads: "Temporarily Closed. We have an IT-disturbance and our systems are not functioning," posted in the window of a closed Coop supermarket store in Stockholm. Cybersecurity teams worked feverishly Sunday to stem the impact of the single-biggest global ransomware attack on record. (Ali Lorestani/TT via AP, File)
Caption
A sign reads: "Temporarily Closed. We have an IT-disturbance and our systems are not functioning," posted in the window of a closed Coop supermarket store in Stockholm. Cybersecurity teams worked feverishly Sunday to stem the impact of the single-biggest global ransomware attack on record. (Ali Lorestani/TT via AP, File)

Credit: Ali Lorestani

Credit: Ali Lorestani

Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants. Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised.

The hacked Kaseya tool, VSA, remotely maintains customer networks, automating security and other software updates. President Joe Biden said Saturday that he ordered a "deep dive" by U.S. intelligence into the attack and that the U.S. would respond if it determines the Kremlin is involved.

ExploreCyberattack against world’s largest meat producer could impact consumers

The company said it is working with various government agencies, including the FBI, CISA, Department of Homeland Security and the White House, as well as with computer incident response company FireEye Mandiant IR on the incident.