Kaseya says 50 MSPs were affected by cyberattack
Vendor says patch for on-premise customers will be available within 24 hours after SaaS servers come back online
Around 50 MSPs were affected by the cyberattack against Kaseya as the vendor begins to roll out patches and bring its servers back online.
Kaseya was the victim of a "sophisticated" cyberattack on Friday from Russian-speaking REvil ransomware group. At the time, Kaseya said that the attack had affected around 30 MSPs and more than 1,000 businesses.
In a new update, Kaseya now claims that around 50 MSPs using its VSA on-premises product were directly compromised from the attack
Fewer than 1,500 customers of those MSPs were in turn impacted, Kaseya claims. It adds that there is no evidence that any of its SaaS customers were compromised.
The vendor claims that it has had no new reports of compromises from VSA customers since Saturday 3 July.
In a press release issued today, Kaseya says that it was alerted to a potential attack on 2 July at 2pm EST, and shut down access to the software within an hour.
It believes that only 50 of its more than 35,000 customers were breached and only between 800 and 1,500 organisations, out of a potential one million served by its MSP customers, were affected.
"Our global teams are working around the clock to get our customers back up and running," said Fred Voccola, CEO of Kaseya. "We understand that every second they are shut down, it impacts their livelihood, which is why we're working feverishly to get this resolved."
A patch for on-premises customers has been developed and is going through a testing and validation process, Kaseya says, and will become available within 24 hours once its SaaS servers come online.
Kaseya plans to bring its SaaS servers back online today between 2pm and 5pm EDT, with a final decision being made between 8am and 12am EDT tomorrow morning. These timings may change during the testing and validation process, Kaseya claims.
The firm advises that all on-premises VSA servers should be kept offline until further instructions from Kaseya, and a patch will be required to be installed before restarting the VSA tool.
Kaseya will publish another update on July 6 between 8am and 12pm EDT.