This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| 1 minute read

Kaseya Customers Respond to Ransomware Attack

Customers of Kesaya, an IT security software provider, are responding to a massive ransomware attack launched at Kesaya users over the July 4 holiday weekend.

Kesaya announced that it was investigating reports of a ransomware attack on its customers on July 2, as the holiday weekend was getting started.  In a series of updates over the next few days, Kesaya kept its customers apprised of its investigation and its work to prepare a security patch.  Kesaya had planned to distribute its security patch on July 6, but later that day announced that the release was being delayed indefinitely.

Kesaya’s customers, not surprisingly, are reviewing their agreements.  Depending on their circumstances, some customers may be looking for refunds and others may be looking to terminate long-term agreements that require ongoing payments.  According to the New York Times, the Kesaya exploit has affected “hundreds” of businesses.  As a result, the software company is likely to face a great number of customer demands for relief.  

Kesaya’s published End User License Agreement purports to bind the customer to a minimum license term of three years.  The EULA does not permit the customer to terminate the deal early if the Kesaya software fails or even if Kesaya breaches the contract.  Terms like these are likely to produce controversy in the coming weeks.  

Attorneys at Taylor English Duma are working with clients who use the Kesaya software with strategies to respond to the ransomware attack. 

Hackers hit a range of IT management companies and compromised their corporate clients by targeting a key software vendor called Kaseya. On Monday, the attackers requested a $70 million payment in bitcoin in exchange for a decryption tool that could help victims recover from the attack.

Tags

ransomware, kesaya, cybersecurity, data security and privacy, wilson_jonathan, insights

Tweets on this subject