Texas-based data center provider CyrusOne has reportedly fallen victim to an attack from REvil (Sodinokibi) ransomware, business tech-focused publication ZDNet reported on Dec. 5.

One of the largest data centers in the United States, CyrusOne has reportedly been exposed to an attack by a variant of the REvil (Sodinokibi) ransomware, which previously hit a number of service providers, local governments and businesses in the country.

In an email CyrusOne confirmed:

“Six of our managed service customers, located primarily in our New York data center, have experienced availability issues due to a ransomware program encrypting certain devices in their network.”

The firm went on to assure viewers that law enforcement was working on the matter and that their “data center colocation services, including IX and IP Network Services, are not involved in this incident.”

Per the ransom note obtained by ZDNet, the attackers targeted CyrusOne’s network, with the sole objective of receiving a ransom. Those behind the attack claimed in the note that they consider the attack nothing more than a business transaction, aimed exclusively at profiting.

In the event the company does not cooperate with the attackers, it will purportedly lose the affected data as the cybercriminals claim to have the private key.

In late October, hackers compromised the website of the city of Johannesburg, South Africa, and demanded ransom in Bitcoin. The breach affected several customer-facing systems — hardware or software customers interact with directly, such as user interfaces and help desks. The city authorities refused to pay the ransom.

Meanwhile, a number of Finnish cities and organizations are rehearsing how to respond when a group of hackers demands the participants pay ransomware during a series of simulated cyberattacks.

Subscribe to our groups in Facebook and Telegram and stay up to date.